Vulnerabilities > Sigstore > Cosign > 1.12.1

DATE CVE VULNERABILITY TITLE RISK
2024-04-10 CVE-2024-29902 Allocation of Resources Without Limits or Throttling vulnerability in Sigstore Cosign
Cosign provides code signing and transparency for containers and binaries.
network
high complexity
sigstore CWE-770
5.9
5.9
2024-04-10 CVE-2024-29903 Allocation of Resources Without Limits or Throttling vulnerability in Sigstore Cosign
Cosign provides code signing and transparency for containers and binaries.
network
low complexity
sigstore CWE-770
7.5
7.5
2023-11-07 CVE-2023-46737 Infinite Loop vulnerability in Sigstore Cosign
Cosign is a sigstore signing tool for OCI containers.
network
low complexity
sigstore CWE-835
5.3
5.3