Homepage

cosign vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the cosign package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • H
Allocation of Resources Without Limits or Throttling

<2.5.0-150400.3.27.1
  • H
CVE-2025-22868

<2.5.0-150400.3.27.1
  • M
Information Exposure Through Log Files

<2.5.0-150400.3.27.1
  • M
CVE-2025-22870

<2.5.0-150400.3.27.1
  • L
Improper Handling of Exceptional Conditions

<2.5.0-150400.3.27.1
  • H
CVE-2025-22869

<2.5.0-150400.3.27.1
  • M
Allocation of Resources Without Limits or Throttling

<2.2.4-150400.3.20.1
  • M
Allocation of Resources Without Limits or Throttling

<2.2.4-150400.3.20.1
  • H
Improper Validation of Integrity Check Value

<2.2.3-150400.3.17.1
  • L
Loop with Unreachable Exit Condition ('Infinite Loop')

<2.2.1-150400.3.14.1
  • L
SUSE-SU-2023:2665-1

<2.0.1-150400.3.11.1