pkg:Debian/golang-github-sigstore-cosign-v2

1 total CVEMEDIUM1

✅ Check your installed version

All known vulnerabilities

  • MEDIUM4.3CVE-2026-39395Cosign's verify-blob-attestation reports false positive when payload parsing fails
    from 0, < 2.6.3-2