VDB

GO-2025-4180

GO-2025-4180 PUBLISHED

Step CA Has Authorization Bypass in ACME and SCEP Provisioners in github.com/smallstep/certificates

Affected Products

VendorProductVersions
github.comsmallstep/certificates0, 0

Timeline

  • Dec 8, 2025 CVE Published
  • Feb 4, 2026 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›