Go modules package
github.com/in-toto/in-toto-golang
pkg:golang/github.com/in-toto/in-toto-golang
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-41087 | — | < 0.3.0 | 0.3.0 | Sep 21, 2021 | in-toto-golang is a go implementation of the in-toto framework to protect software supply chain integrity. In affected versions authenticated attackers posing as functionaries (i.e., within a trusted set of users for a layout) are able to create attestations that may bypass DISAL |
- CVE-2021-41087Sep 21, 2021affected < 0.3.0fixed 0.3.0
in-toto-golang is a go implementation of the in-toto framework to protect software supply chain integrity. In affected versions authenticated attackers posing as functionaries (i.e., within a trusted set of users for a layout) are able to create attestations that may bypass DISAL