PT-2022-16159 · Cosign · Cosign

Mtrmac · Published 2022-02-18 · Updated 2024-06-15 · CVE-2022-23649

CVSS v3.1: 3.3 (Low)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Name of the Vulnerable Software and Affected Versions: Cosign versions prior to 1.5.2

Description: The issue allows an attacker to manipulate Cosign into claiming that a signature exists in the Rekor transparency log even if it does not. Exploitation requires the attacker to have pull and push permissions for the signature in OCI, and it affects both standard signing with a keypair and "keyless signing" with Fulcio: with access to the signature in OCI, the attacker can make Cosign believe the entry was stored in Rekor even though it was not. The vulnerability has been patched in Cosign version 1.5.2, which compares the signature in the signedEntryTimestamp provided by Rekor against the signature being verified and returns an error if they do not match.

Recommendations: For versions prior to 1.5.2, upgrade to version 1.5.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the signature in OCI to minimize the risk of exploitation. Avoid using the dev.sigstore.cosign/bundle annotation in the signature image until the issue is resolved.
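As an added illustration (not Cosign's own code), the following Go check models the 1.5.2 fix: the Rekor entry body carried in the bundle annotation is decoded and the signature it records is compared with the signature being verified, so a bundle copied from some other logged signature no longer counts as proof of inclusion. The hashedrekord body layout, the function names and the signature bytes are assumptions constructed for this example.

```go
package main

import (
	"bytes"
	"encoding/base64"
	"encoding/json"
	"fmt"
)

// rekorEntry: the subset of a Rekor hashedrekord body needed here (assumed layout, not cosign's code).
type rekorEntry struct {
	Spec struct {
		Signature struct {
			Content string `json:"content"` // base64 of the signature that was logged
		} `json:"signature"`
	} `json:"spec"`
}

// checkBundleBody cross-checks the Rekor entry body carried in a dev.sigstore.cosign/bundle
// annotation against the signature actually being verified. Before 1.5.2 the bundle alone was
// taken as proof of inclusion, so a body copied from another, genuinely logged signature passed.
func checkBundleBody(bodyB64 string, sig []byte) error {
	raw, err := base64.StdEncoding.DecodeString(bodyB64)
	if err != nil {
		return fmt.Errorf("bundle body is not base64: %w", err)
	}
	var entry rekorEntry
	if err := json.Unmarshal(raw, &entry); err != nil {
		return fmt.Errorf("bundle body is not a Rekor entry: %w", err)
	}
	logged, err := base64.StdEncoding.DecodeString(entry.Spec.Signature.Content)
	if err != nil || !bytes.Equal(logged, sig) {
		return fmt.Errorf("bundle signature is missing or does not match the signature being verified")
	}
	return nil
}

// makeBody builds a constructed hashedrekord body (signature field only) for the demo and tests.
func makeBody(sig []byte) string {
	j := fmt.Sprintf(`{"apiVersion":"0.0.1","kind":"hashedrekord","spec":{"signature":{"content":"%s"}}}`,
		base64.StdEncoding.EncodeToString(sig))
	return base64.StdEncoding.EncodeToString([]byte(j))
}

func main() {
	mine := []byte("constructed-signature-A")  // signature under verification (constructed)
	other := []byte("constructed-signature-B") // some other, genuinely logged signature (constructed)
	fmt.Println("matching bundle:", checkBundleBody(makeBody(mine), mine)) // <nil>
	fmt.Println("swapped bundle: ", checkBundleBody(makeBody(other), mine)) // mismatch error
}
```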

Weakness Enumeration

Improper Certificate Validation

Related Identifiers

BIT-COSIGN-2022-23649
CVE-2022-23649
GHSA-CCXC-VR6P-4858
GO-2022-0326
OPENSUSE-SU-2024:11860-1

Affected Products

Cosign