pkg:Go/github.com/sigstore/cosign/v3
3 total CVEsMEDIUM2LOW1
✅ Check your installed version
All known vulnerabilities
MEDIUM5.5CVE-2026-22703Cosign verification accepts any valid Rekor entry under certain conditions in github.com/sigstore/cosign from 0, < 3.0.4
MEDIUM5.5CVE-2026-22703Cosign verification accepts any valid Rekor entry under certain conditions in github.com/sigstore/cosign from 0, < 3.0.4
LOW3.7CVE-2026-24122Cosign considered signatures valid with expired intermediate certificates when transparency log verification is skipped in github.com/sigstore/cosign from 0, < 3.0.5