pkg:Bitnami/cosign

共 9 筆 CVEHIGH1MEDIUM5LOW3

✅ 檢查你的版本

所有已知漏洞

  • HIGH7.1CVE-2022-35929False positive signature verification in cosign
    from 0, < 1.10.1
  • MEDIUM5.5CVE-2026-22703Cosign verification accepts any valid Rekor entry under certain conditions
    from 0, < 2.6.2, >= 3.0.0, < 3.0.4
  • MEDIUM5.5CVE-2022-36056Vulnerabilities with blob verification in sigstore cosign
    from 0, < 1.12.0
  • MEDIUM4.3CVE-2026-39395Cosign's verify-blob-attestation reports false positive when payload parsing fails
    from 0, < 2.6.3, >= 3.0.0, < 3.0.6
  • MEDIUM4.2CVE-2024-29903Cosign malicious artifacts can cause machine-wide DoS
    from 0, < 2.2.4
  • MEDIUM4.2CVE-2024-29902Cosign malicious attachments can cause system-wide denial of service
    from 0, < 2.2.4
  • LOW3.7CVE-2026-24122Cosign Certificate Chain Expiry Validation Issue Allows Issuing Certificate Expiry to Be Overlooked
    from 0, < 3.0.5
  • LOW3.3CVE-2022-23649Improper Certificate Validation in Cosign
    from 0, < 1.5.2
  • LOW3.1CVE-2023-46737Cosign vulnerable to possible endless data attack from attacker-controlled registry
    from 0, < 2.2.1