2025-10-09 20:53:33
GitHub_M
PUBLISHED
Confidential Containerss Trustee project contains tools and components for attesting confidential guests and providing secrets to them. In versions prior to 0.15.0, the attestation-policy endpoint didnt check if the kbs-client submitting the request was actually authenticated (had the right key). This allowed any kbs-client to actually change the attestation policy. Version 0.15.0 fixes the issue.