Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/10 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-56138

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. This issue was identified during...

4CVSS6.9AI score0.0013EPSS
Exploits0References2
NVD
NVD
added 2025/01/13 10:15 p.m.12 views

CVE-2024-56138

notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. This issue was identified during Quarkslab's audit of the timestamp feature. During the timestamp signature generation, the revocation status of the certificates used to...

4CVSS0.0013EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2025/01/13 9:42 p.m.9 views

CVE-2024-51491

notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. The issue was identified during Quarkslab's security audit on the Certificate Revocation List CRL based revocation check feature. After retrieving the CRL, notation-go...

3.3CVSS6.8AI score0.00192EPSS
Exploits1
OSV
OSV
added 2025/01/13 9:37 p.m.14 views

CVE-2024-56138 Timestamp signature generation lacks certificate revocation check in notion-go

notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. This issue was identified during Quarkslab's audit of the timestamp feature. During the timestamp signature generation, the revocation status of the certificates used to...

4CVSS6.5AI score0.0013EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/01/13 12:0 a.m.8 views

notion-go 安全漏洞

notion-go is a collection of libraries that support signing and verifying OCI artifacts for notaryproject individual developers. A security vulnerability exists in notion-go versions 1.2.0-beta.1 through 1.3.0-rc.1, which stems from a failure to validate the revocation status of a certificate whe...

4CVSS6.6AI score0.0013EPSS
Exploits0References2
Rows per page
Query Builder