CVE-2023-46737: Cosign Vulnerability to Denial of Service via Attacker-Controlled Registry
Summary: The popular sigstore signing tool for OCI containers, Cosign, is vulnerable to a denial of service by an attacker-controlled registry. An attacker can cause