| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-51491 | Process crash during CRL-based revocation check on OS using separate mount point for temp Directory in notation-go | notaryproject | notation-go | Low | 3.3 | 2025-01-13 21:42:11 | Deep Dive |
| CVE-2024-56138 | Timestamp signature generation lacks certificate revocation check in notion-go | notaryproject | notation-go | Medium | 4.0 | 2025-01-13 21:38:00 | Deep Dive |
| CVE-2024-23332 | Client configured with permissive trust policies susceptible to rollback attack in Notary Project | notaryproject | specifications | Medium | 4.0 | 2024-01-19 22:19:37 | Deep Dive |
| CVE-2023-33959 | Verification bypass can cause users into verifying the wrong artifact | notaryproject | notation-go | High | 8.3 | 2023-06-06 18:15:14 | Deep Dive |
| CVE-2023-33958 | Default `maxSignatureAttempts` in `notation verify` enables an endless data attack in notation | notaryproject | notation | Medium | 5.4 | 2023-06-06 18:13:17 | Deep Dive |
| CVE-2023-33957 | Denial of service from high number of artifact signatures in notation | notaryproject | notation | Low | 2.6 | 2023-06-06 18:10:30 | Deep Dive |
| CVE-2023-25656 | notation-go has excessive memory allocation on verification | notaryproject | notation-go | High | 7.5 | 2023-02-20 00:00:00 | Deep Dive |