Vulnerabilities > Sigstore > Cosign > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-07 | CVE-2023-46737 | Infinite Loop vulnerability in Sigstore Cosign Cosign is a sigstore signing tool for OCI containers. | 5.3 |
| 2022-09-14 | CVE-2022-36056 | Improper Verification of Cryptographic Signature vulnerability in Sigstore Cosign Cosign is a project under the sigstore organization which aims to make signatures invisible infrastructure. | 5.5 |