SUSE SLED15 / SLES15 / openSUSE 15 Security Update : cosign (SUSE-SU-2025:1333-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1333-1 advisory. - CVE-2024-6104: cosign: hashicorp/go-retryablehttp: Fixed sensitive information disclosure to l...

GO-2022-0379 Type confusion in github.com/docker/distribution

Systems that rely on digest equivalence for image attestations may be vulnerable to type confusion. A maliciously crafted OCI Container Image can cause registry clients to parse the same image in two different ways without modifying the image's digest, invalidating the common pattern of relying o...

GHSA-QQ97-VM5H-RRHG OCI Manifest Type Confusion Issue

Impact Systems that rely on digest equivalence for image attestations may be vulnerable to type confusion. Patches Upgrade to at least v2.8.0-beta.1 if you are running v2.x release. If you use the code from the main branch, update at least to the commit after...

OCI Manifest Type Confusion Issue

Impact Systems that rely on digest equivalence for image attestations may be vulnerable to type confusion. Patches Upgrade to at least v2.8.0-beta.1 if you are running v2.x release. If you use the code from the main branch, update at least to the commit after...