Security Advisories · notaryproject/notation · GitHub

Security Advisories

View known security vulnerabilities and report new vulnerabilities privately to maintainers.

Report a vulnerability

Default `maxSignatureAttempts` in `notation verify` enables an endless data attack
GHSA-rvrx-rrwh-r9p6 published Jun 6, 2023 by priteshbandi

Moderate
Denial of service from high number of artifact signatures
GHSA-9m3v-v4r5-ppx7 published Jun 6, 2023 by priteshbandi

Low