Insecure Signature Verification in github.com/sigstore/cosig
Reporter | Title | Published | Views | Family All 16 |
---|---|---|---|---|
CVE | CVE-2022-35929 | 4 Aug 202219:15 | – | cve |
Prion | Design/Logic Flaw | 4 Aug 202219:15 | – | prion |
OSV | Improper verification of signature attestations in github.com/sigstore/cosign | 9 Nov 202317:47 | – | osv |
OSV | cosign's `cosign verify-attestaton --type` can report a false positive if any attestation exists | 10 Aug 202218:40 | – | osv |
OSV | cosign-1.10.1-1.1 on GA media | 15 Jun 202400:00 | – | osv |
OSV | CVE-2022-35929 | 4 Aug 202219:15 | – | osv |
OSV | BIT-cosign-2022-35929 | 6 Mar 202410:51 | – | osv |
NVD | CVE-2022-35929 | 4 Aug 202219:15 | – | nvd |
OpenVAS | openSUSE: Security Advisory for cosign (SUSE-SU-2022:2877-1) | 24 Aug 202200:00 | – | openvas |
OpenVAS | SUSE: Security Advisory (SUSE-SU-2022:2877-1) | 24 Aug 202200:00 | – | openvas |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo