CVE-2025-62375 | in-toto go-witness up to 0.9.0 certificate validation (GHSA-72c7-4g63-hpw5)

October 16, 2025 Yanac

A vulnerability was found in in-toto go-witness up to 0.9.0 and classified as critical. This vulnerability affects unknown code. Executing manipulation can lead to improper certificate validation.

This vulnerability appears as CVE-2025-62375. The attack may be performed from remote. There is no available exploit.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More