Launch Week Day 1: Announcing Security Design Review
Start for Free
go

github.com/sigstore/cosign/v3

View on go registry
3 Total advisories
3 Vulnerabilities
0 Malware

Vulnerabilities

UNKNOWN
Go

CVE-2026-24122

Cosign considered signatures valid with expired intermediate certificates when transparency log verification is skipped in github.com/sigstore/cosign
MEDIUM 5.5
Go

CVE-2026-22703

Cosign verification accepts any valid Rekor entry under certain conditions
UNKNOWN
Go

CVE-2026-22703

Cosign verification accepts any valid Rekor entry under certain conditions in github.com/sigstore/cosign

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes