pkg:Go/github.com/notaryproject/notation
6 total CVEsMEDIUM6
✅ Check your installed version
All known vulnerabilities
- MEDIUM6.5CVE-2023-33958Notation's default `maxSignatureAttempts` in `notation verify` enables an endless data attack in github.com/notaryproject/notationfrom 0, < 1.0.0-rc.6
- MEDIUM6.5CVE-2023-33958Notation's default `maxSignatureAttempts` in `notation verify` enables an endless data attack in github.com/notaryproject/notationfrom 0, < 1.0.0-rc.6
- MEDIUM5.7CVE-2023-33957Notation vulnerable to denial of service from high number of artifact signatures in github.com/notaryproject/notationfrom 0, < 1.0.0-rc.6
- MEDIUM5.7CVE-2023-33957Notation vulnerable to denial of service from high number of artifact signatures in github.com/notaryproject/notationfrom 0, < 1.0.0-rc.6
- MEDIUM4.0CVE-2024-23332Go package github.com/notaryproject/notation configured with permissive trust policies potentially susceptible to rollback attack from compromised registryfrom 0, <= 1.0.0
- MEDIUM4.0CVE-2024-23332Go package github.com/notaryproject/notation configured with permissive trust policies potentially susceptible to rollback attack from compromised registryfrom 0