3 matches found
EUVD-2022-6632
Malicious code in bioql PyPI...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : cosign (SUSE-SU-2022:2877-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:2877-1 advisory. - Updated to 1.10.1 jscSLE-23879: - CVE-2022-35929: Fixed an issue where cosign verify-attestation --type...
CVE-2022-35929 False positive signature verification in cosign
cosign is a container signing and verification utility. In versions prior to 1.10.1 cosign can report a false positive if any attestation exists. cosign verify-attestation used with the --type flag will report a false positive verification when there is at least one attestation with a valid...