Cosign's verify-blob-attestation reports false positive when payload parsing fails

GHSA-w6c6-c85g-mmv6 · BIT-cosign-2026-39395 · CVE-2026-39395

Published Apr 8, 2026 · Modified Apr 9, 2026

Description

cosign verify-blob-attestation may erroneously report a "Verified OK" result for attestations with malformed payloads or mismatched predicate types. For old-format bundles and detached signatures, this was due to a logic flaw in the error handling of the predicate type validation. For new-format bundles, the predicate type validation was bypassed completely.

Impact

When cosign verify-blob-attestation is used without --check-claims set to true, an attestation that has a valid signature but a malformed or unparsable payload would be incorrectly validated. Additionally, systems relying on --type <predicate type> to reject attestations with mismatched types would be lead to trust the unexpected attestation type.

Patches

v3.0.6, v2.6.3

Workarounds

Always set --check-claims=true for attestation verification.

References

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes