—
GO-2024-2472
Go package github.com/notaryproject/notation configured with permissive trust policies potentially susceptible to rollback attack from compromised registry
Details
Go package github.com/notaryproject/notation configured with permissive trust policies potentially susceptible to rollback attack from compromised registry
Are you affected?
Enter the version of the package you're using.
Affected packages
Go / github.com/notaryproject/notation
Introduced in:
0 No fixed version published yet for github.com/notaryproject/notation (go modules). Pin to a known-safe version or switch to an alternative.