| CVE-2026-24122 |
unknown |
— |
— |
|
|
|
4mo ago |
Cosign provides code signing and transparency for containers and binaries. In versions 3.0.4 and below, an issuing certificate with a validity that expires before the leaf certificate will be conside… |
| CVE-2026-22703 |
unknown |
— |
— |
|
|
|
5mo ago |
Cosign provides code signing and transparency for containers and binaries. Prior to versions 2.6.2 and 3.0.4, Cosign bundle can be crafted to successfully verify an artifact even if the embedded Reko… |
| CVE-2024-29903 |
unknown |
— |
— |
|
|
|
2y ago |
Cosign provides code signing and transparency for containers and binaries. Prior to version 2.2.4, maliciously-crafted software artifacts can cause denial of service of the machine running Cosign the… |
| CVE-2024-29902 |
unknown |
— |
— |
|
|
|
2y ago |
Cosign provides code signing and transparency for containers and binaries. Prior to version 2.2.4, a remote image with a malicious attachment can cause denial of service of the host machine running C… |
| CVE-2023-46737 |
unknown |
— |
— |
|
|
|
3y ago |
Cosign is a sigstore signing tool for OCI containers. Cosign is susceptible to a denial of service by an attacker controlled registry. An attacker who controls a remote registry can return a high num… |
