11 matches found
CVE-2024-51491
notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. The issue was identified during Quarkslab's security audit on the Certificate Revocation List CRL based revocation check feature. After retrieving the CRL, notation-go...
CVE-2024-24911
In rare scenarios, the cpca process on the Security Management Server / Domain Management Server may exit unexpectedly, creating a core dump file. When the cpca process is down, VPN and SIC connectivity issues may occur if the CRL is not present in the Security Gateway's CRL cache...
CVE-2024-24911
In rare scenarios, the cpca process on the Security Management Server / Domain Management Server may exit unexpectedly, creating a core dump file. When the cpca process is down, VPN and SIC connectivity issues may occur if the CRL is not present in the Security Gateway's CRL cache...
CVE-2024-24911
In rare scenarios, the cpca process on the Security Management Server / Domain Management Server may exit unexpectedly, creating a core dump file. When the cpca process is down, VPN and SIC connectivity issues may occur if the CRL is not present in the Security Gateway's CRL cache...
CVE-2024-24911
CVE-2024-24911 affects the Check Point Management Server / Domain Management Server cpca process. An Out-of-Bounds read can occur when handling certain HTTP POSTs to TCP port 18264, potentially causing the cpca process to exit and produce a core dump. When cpca is down, VPN and SIC connectivity m...
Check Point Response to CVE-2024-24911 - Out of Bounds read in the CPCA process on a Check Point Management Server
Cause An Out-of-Bounds read may occur when processing certain HTTP "POST" requests to the Security Management Server / Domain Management Server to the TCP port 18264. Repeated requests can cause a denial-of-service DoS of the cpca process and may lead it to exit unexpectedly with a core dump file...
SUSE CVE-2024-51491
notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. The issue was identified during Quarkslab's security audit on the Certificate Revocation List CRL based revocation check feature. After retrieving the CRL, notation-go...
Denial Of Service (DoS)
github.com/notaryproject/notation-go is vulnerable to Denial Of Service DoS. The vulnerability is due to improper handling of temporary file operations during CRL cache updates, specifically the use of the os.Rename method, which fails when moving files across different mount points, allows an...
GO-2025-3382 notation-go has an OS error when setting CRL cache leads to denial of signature verification in github.com/notaryproject/notation-go
notation-go has an OS error when setting CRL cache leads to denial of signature verification in github.com/notaryproject/notation-go...
CVE-2024-51491
notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. The issue was identified during Quarkslab's security audit on the Certificate Revocation List CRL based revocation check feature. After retrieving the CRL, notation-go...
notation-go has an OS error when setting CRL cache leads to denial of signature verification
Summary The issue was identified during Quarkslab's security audit on the Certificate Revocation List CRL based revocation check feature. After retrieving the CRL, notation-go attempts to update the CRL cache using the os.Rename method. However, this operation may fail due to operating...