pkg:Go/github.com/notaryproject/notation-go

All known vulnerabilities

• HIGH8.8CVE-2023-33959Verification bypass in github.com/notaryproject/notation-go
  from 0, < 1.0.0-rc.6
• HIGH8.8CVE-2023-33959Verification bypass in github.com/notaryproject/notation-go
  from 0, < 1.0.0-rc.6
• HIGH7.5CVE-2023-25656Denial of service from memory exhaustion in github.com/notaryproject/notation-go
  from 0, < 1.0.0-rc.3
• HIGH7.5Denial of service from memory exhaustion in github.com/notaryproject/notation-go
  from 0, < 1.0.0-rc.3
• MEDIUM4.0notation-go's timestamp signature generation lacks certificate revocation check in github.com/notaryproject/notation-go
  >= 1.2.0-beta.1, < 1.3.0-rc.2
• MEDIUM4.0notation-go's timestamp signature generation lacks certificate revocation check in github.com/notaryproject/notation-go
  >= 1.2.0-beta.1, < 1.3.0-rc.2
• LOW3.3notation-go has an OS error when setting CRL cache leads to denial of signature verification in github.com/notaryproject/notation-go
  >= 1.3.0-rc.1, < 1.3.0-rc.2
• LOW3.3notation-go has an OS error when setting CRL cache leads to denial of signature verification in github.com/notaryproject/notation-go
  >= 1.3.0-rc.1, < 1.3.0-rc.2