Vulnerabilities in notaryproject
7 resultsCVE-2023-33957LOWDenial of service from high number of artifact signatures in notationEPSS 0.5%CVE-2023-33958MEDIUMDefault `maxSignatureAttempts` in `notation verify` enables an endless data attack in notationEPSS 0.5%CVE-2023-25656HIGHnotation-go has excessive memory allocation on verificationEPSS 0.4%CVE-2023-33959HIGHVerification bypass can cause users into verifying the wrong artifactEPSS 0.4%CVE-2024-23332MEDIUMClient configured with permissive trust policies susceptible to rollback attack in Notary ProjectEPSS 0.3%CVE-2024-51491LOWProcess crash during CRL-based revocation check on OS using separate mount point for temp Directory in notation-goEPSS 0.2%CVE-2024-56138MEDIUMTimestamp signature generation lacks certificate revocation check in notion-goEPSS 0.1%