Lucene search
CVE-2022-35929
🗓️ 04 Aug 2022 19:09:15Reported by Alpine Linux Development TeamType 
alpinelinux🔗 security.alpinelinux.org👁 720 Views
cosign version prior to 1.10.1 allows false positive attestation verificatio
Show more
| Reporter | Title | Published | Views | Family All 17 |
|---|---|---|---|---|
 | CVE-2022-35929 | 4 Aug 202219:15 | – | cve |
 | cosign's `cosign verify-attestaton --type` can report a false positive if any attestation exists | 10 Aug 202218:40 | – | osv |
| Improper verification of signature attestations in github.com/sigstore/cosign | 9 Nov 202317:47 | – | osv |
| OPENSUSE-SU-2024:12240-1 cosign-1.10.1-1.1 on GA media | 15 Jun 202400:00 | – | osv |
| CVE-2022-35929 | 4 Aug 202219:15 | – | osv |
| BIT-cosign-2022-35929 | 6 Mar 202410:51 | – | osv |
 | SUSE SLED15 / SLES15 Security Update : cosign (SUSE-SU-2022:2877-1) | 24 Aug 202200:00 | – | nessus |
 | Design/Logic Flaw | 4 Aug 202219:15 | – | prion |
 | CVE-2022-35929 | 4 Aug 202219:15 | – | nvd |
 | openSUSE: Security Advisory for cosign (SUSE-SU-2022:2877-1) | 24 Aug 202200:00 | – | openvas |
10
| OS | OS Version | Architecture | Package | Package Version | Filename |
|---|---|---|---|---|---|
| Alpine | edge-community | noarch | cosign | 1.10.1-r0 | UNKNOWN |
| Alpine | 3.16-community | noarch | cosign | 1.10.1-r0 | UNKNOWN |
| Alpine | 3.17-community | noarch | cosign | 1.10.1-r0 | UNKNOWN |
| Alpine | 3.18-community | noarch | cosign | 1.10.1-r0 | UNKNOWN |
| Alpine | 3.19-community | noarch | cosign | 1.10.1-r0 | UNKNOWN |
| Alpine | 3.20-community | noarch | cosign | 1.10.1-r0 | UNKNOWN |
| Alpine | 3.21-community | noarch | cosign | 1.10.1-r0 | UNKNOWN |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo04 Aug 2022 19:15Current
8.2High risk
Vulners AI Score8.2
CVSS37.1 - 9.8
EPSS0.00059
SSVC