Description

Confidential Containers's Trustee project contains tools and components for attesting confidential guests and providing secrets to them. In versions prior to 0.15.0, the attestation-policy endpoint didn't check if the kbs-client submitting the request was actually authenticated (had the right key). This allowed any kbs-client to actually change the attestation policy. Version 0.15.0 fixes the issue.

INFO

Published Date :

2025-10-09T20:53:33.855Z

Last Modified :

2025-10-10T14:32:49.097Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-61779 vulnerability.

Vendors Products
Confidential-containers
  • Trustee
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-61779.

URL Resource
https://github.com/confidential-containers/trustee/commit/3a7d04a70918fa503a00974dcae653cf9f0640e0 cve-icon cve-icon
https://github.com/confidential-containers/trustee/pull/957 cve-icon cve-icon
https://github.com/confidential-containers/trustee/security/advisories/GHSA-49mc-2q77-m99x cve-icon cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability