pkg:Go/github.com/notaryproject/notation-go

共 8 筆 CVEHIGH4MEDIUM2LOW2

✅ 檢查你的版本

所有已知漏洞

  • HIGH8.8CVE-2023-33959notation-go's verification bypass can cause users to verify the wrong artifact
    from 0, < 1.0.0-rc.6
  • HIGH8.8CVE-2023-33959notation-go's verification bypass can cause users to verify the wrong artifact
    from 0, < 1.0.0-rc.6
  • HIGH7.5CVE-2023-25656notation-go has excessive memory allocation on verification
    from 0, < 1.0.0-rc.3
  • HIGH7.5CVE-2023-25656notation-go has excessive memory allocation on verification
    from 0, < 1.0.0-rc.3
  • MEDIUM4.0CVE-2024-56138notation-go's timestamp signature generation lacks certificate revocation check
    >= 1.2.0-beta.1, < 1.3.0-rc.2
  • MEDIUM4.0CVE-2024-56138notation-go's timestamp signature generation lacks certificate revocation check
    >= 1.2.0-beta.1, < 1.3.0-rc.2
  • LOW3.3CVE-2024-51491notation-go has an OS error when setting CRL cache leads to denial of signature verification
    >= 1.3.0-rc.1, < 1.3.0-rc.2
  • LOW3.3CVE-2024-51491notation-go has an OS error when setting CRL cache leads to denial of signature verification
    >= 1.3.0-rc.1, < 1.3.0-rc.2