What is CVE-2024-51491?

CVE-2024-51491 is a low-severity vulnerability in Notaryproject Notation-go, classified under CWE-703. CVSS score: 3.3/10. Published 2025-01-13.

How severe is CVE-2024-51491?

Low severity. CVSS v3 base score is 3.3 out of 10.

Vulnerability in Notaryproject Notation-go

CVE-2024-51491

notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. The issue was identified during Quarkslab's security audit on the Certificate Revocation List (CRL) based revocati…

EPSS: 0.000 (10.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 3.3 (Low). Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L.

Affected products

Notaryproject Notation-go — versions = 1.3.0-rc.1

Weakness classification (CWE)

CWE-703

References

https://github.com/notaryproject/notation-go/security/advisories/GHSA-qjh3-4j3h-vmwp (x_refsource_CONFIRM)
https://github.com/notaryproject/notation-go/commit/3c3302258ad510fbca2f8a73731569d91f07d196 (x_refsource_MISC)
https://man7.org/linux/man-pages/man2/rename.2.html (x_refsource_MISC)

Frequently asked questions

What is CVE-2024-51491?: CVE-2024-51491 is a low-severity vulnerability in Notaryproject Notation-go, classified under CWE-703. CVSS score: 3.3/10. Published 2025-01-13.
How severe is CVE-2024-51491?: Low severity. CVSS v3 base score is 3.3 out of 10.