cosign (SUSE:Linux Enterprise Module for Basesystem 15 SP5) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Module for Basesystem 15 SP5 package cosign, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (4)
CVE-2023-48795 — CVSS 5.9 (medium): The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to…
CVE-2024-29902 — CVSS 4.2 (medium): Cosign provides code signing and transparency for containers and binaries. Prior to version 2.2.4, a remote image with a malicious…
CVE-2024-29903 — CVSS 4.2 (medium): Cosign provides code signing and transparency for containers and binaries. Prior to version 2.2.4, maliciously-crafted software artifacts…
CVE-2023-46737 — CVSS 3.1 (low): Cosign is a sigstore signing tool for OCI containers. Cosign is susceptible to a denial of service by an attacker controlled registry. An…