Security Advisory

CVE-2025-61779

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-09 20:53:33

Last updated 2025-10-10 14:32:49

Assigner GitHub_M

State PUBLISHED

Description

Confidential Containerss Trustee project contains tools and components for attesting confidential guests and providing secrets to them. In versions prior to 0.15.0, the attestation-policy endpoint didnt check if the kbs-client submitting the request was actually authenticated (had the right key). This allowed any kbs-client to actually change the attestation policy. Version 0.15.0 fixes the issue.

← Browse all CVEs View on cve.org ↗