CVE-2025-3757
Publication date 13 May 2025
Last updated 14 May 2025
Ubuntu priority
Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| golang-github-openpubkey-openpubkey | 25.04 plucky | Not in release |
| 24.10 oracular | Not in release | |
| 24.04 LTS noble | Not in release | |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release |