Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

pypi

in-toto

pypi

A framework to define and secure the integrity of software supply chains

View on github.com · View on pypi.org

Security Advisories for in-toto in pypi

Moderate
over 2 years ago

in-toto: PGP trust model not (fully) considered GSA_kwCzR0hTQS1qamdwLXdocnAtZ3E4bc4AAzSn

pypi in-toto
Moderate
over 2 years ago

in-toto vulnerable to Configuration Read From Local Directory GSA_kwCzR0hTQS13YzY0LWM1cnYtMzJwZs4AAzSm

pypi in-toto

Filter by Severity

Moderate 2