Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

go

github.com/notaryproject/notation

go

View on github.com · View on proxy.golang.org

Security Advisories for github.com/notaryproject/notation in go

Moderate
almost 2 years ago

Go package github.com/notaryproject/notation configured with permissive trust policies potentially susceptible to rollback attack from compromised registry GSA_kwCzR0hTQS01N3d4LW02MzYtZzNnOM4AA4lw

go github.com/notaryproject/notation
Moderate
over 2 years ago

Notation's default `maxSignatureAttempts` in `notation verify` enables an endless data attack GSA_kwCzR0hTQS1ydnJ4LXJyd2gtcjlwNs4AAzr3

go github.com/notaryproject/notation
Moderate
over 2 years ago

Notation vulnerable to denial of service from high number of artifact signatures GSA_kwCzR0hTQS05bTN2LXY0cjUtcHB4N84AAzr2

go github.com/notaryproject/notation

Filter by Severity

Moderate 3