Vulnerabilities > Notaryproject

DATE CVE VULNERABILITY TITLE RISK
2024-01-19 CVE-2024-23332 Operation on a Resource after Expiration or Release vulnerability in Notaryproject Notation-Go
The Notary Project is a set of specifications and tools intended to provide a cross-industry standard for securing software supply chains by using authentic container images and other OCI artifacts.
network
low complexity
notaryproject CWE-672
6.8
2023-06-06 CVE-2023-33957 Resource Exhaustion vulnerability in Notaryproject Notation-Go
notation is a CLI tool to sign and verify OCI artifacts and container images.
network
low complexity
notaryproject CWE-400
5.7
2023-06-06 CVE-2023-33958 Resource Exhaustion vulnerability in Notaryproject Notation-Go
notation is a CLI tool to sign and verify OCI artifacts and container images.
network
low complexity
notaryproject CWE-400
6.5
2023-06-06 CVE-2023-33959 Improper Verification of Cryptographic Signature vulnerability in Notaryproject Notation-Go
notation is a CLI tool to sign and verify OCI artifacts and container images.
network
low complexity
notaryproject CWE-347
8.8
2023-02-20 CVE-2023-25656 Allocation of Resources Without Limits or Throttling vulnerability in Notaryproject Notation-Go 0.7.0/0.8.0/0.9.0
notation-go is a collection of libraries for supporting Notation sign, verify, push, and pull of oci artifacts.
network
low complexity
notaryproject CWE-770
7.5