pkg:Go/github.com/sigstore/cosign/v3
3 total CVEsMEDIUM2LOW1
✅ Check your installed version
All known vulnerabilities
MEDIUM5.5CVE-2026-22703Cosign verification accepts any valid Rekor entry under certain conditions from 0, < 3.0.4
MEDIUM5.5CVE-2026-22703Cosign verification accepts any valid Rekor entry under certain conditions from 0, < 3.0.4
LOW3.7CVE-2026-24122Cosign Certificate Chain Expiry Validation Issue Allows Issuing Certificate Expiry to Be Overlooked from 0, < 3.0.5