A vulnerability classified as problematic has been found in sigstore cosign up to 2.2.3. This affects an unknown part. The manipulation leads to allocation of resources.

This vulnerability is uniquely identified as CVE-2024-29902. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.