Lucene search
+L

10 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 9:12 a.m.4 views

CVE-2024-56138

notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. This issue was identified during Quarkslab's audit of the timestamp feature. During the timestamp signature generation, the revocation status of the certificates used to...

4CVSS6.4AI score0.0013EPSS
Exploits0References1
NVD
NVD
added 2025/01/13 10:15 p.m.14 views

CVE-2024-56138

notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. This issue was identified during Quarkslab's audit of the timestamp feature. During the timestamp signature generation, the revocation status of the certificates used to...

4CVSS0.0013EPSS
Exploits0References2
Chainguard
Chainguard
added 2025/01/13 10:15 p.m.19 views

CVE-2024-56138 vulnerabilities

Vulnerabilities for packages: flux-fips, flux-source-controller, kyverno, kyverno-notation-aws, kyverno-fips, flux, kyverno-notation-aws-fips, flux-source-controller-fips...

4CVSS6.9AI score0.0013EPSS
Exploits0
Wolfi
Wolfi
added 2025/01/13 10:15 p.m.11 views

CVE-2024-56138 vulnerabilities

Vulnerabilities for packages: flux-source-controller, kyverno-notation-aws, flux...

4CVSS6.9AI score0.0013EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2025/01/13 10:15 p.m.9 views

CVE-2024-56138

notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. This issue was identified during Quarkslab's audit of the timestamp feature. During the timestamp signature generation, the revocation status of the certificates used to...

4CVSS7AI score0.0013EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/01/13 9:37 p.m.19 views

CVE-2024-56138 Timestamp signature generation lacks certificate revocation check in notion-go

notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. This issue was identified during Quarkslab's audit of the timestamp feature. During the timestamp signature generation, the revocation status of the certificates used to...

4CVSS6.6AI score0.0013EPSS
Exploits0References2
CVE
CVE
added 2025/01/13 9:37 p.m.278 views

CVE-2024-56138

CVE-2024-56138 affects notion-go, a library for signing/verifying OCI artifacts. The timestamp signature generation path did not verify the revocation status of certificates in the TSA chain, enabling a potential MITM-era countersignature that could be stored by notation and cause CI/CD signature...

4CVSS4.2AI score0.0013EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/01/13 9:37 p.m.32 views

CVE-2024-56138 Timestamp signature generation lacks certificate revocation check in notion-go

notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. This issue was identified during Quarkslab's audit of the timestamp feature. During the timestamp signature generation, the revocation status of the certificates used to...

4CVSS0.0013EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2025/01/13 9:37 p.m.10 views

CVE-2024-56138

notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. This issue was identified during Quarkslab's audit of the timestamp feature. During the timestamp signature generation, the revocation status of the certificates used to...

4CVSS6.8AI score0.0013EPSS
Exploits0
OSV
OSV
added 2025/01/13 9:37 p.m.15 views

CVE-2024-56138 Timestamp signature generation lacks certificate revocation check in notion-go

notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. This issue was identified during Quarkslab's audit of the timestamp feature. During the timestamp signature generation, the revocation status of the certificates used to...

4CVSS6.5AI score0.0013EPSS
Exploits0References4
Rows per page
Query Builder