pkg:Debian/gitsign
2 total CVEsMEDIUM2
✅ Check your installed version
All known vulnerabilities
MEDIUM5.4CVE-2026-44310gitsign --verify panics on empty-certificate PKCS7 and exits 0, bypassing exit-code callers from 0
MEDIUM5.3CVE-2026-44309gitsign verify accepts signatures over go-git-normalized bytes, enabling trust confusion on malformed commits from 0