{"id":"GO-2025-3382","summary":"notation-go has an OS error when setting CRL cache leads to denial of signature verification in github.com/notaryproject/notation-go","details":"notation-go has an OS error when setting CRL cache leads to denial of signature verification in github.com/notaryproject/notation-go","aliases":["CVE-2024-51491","GHSA-qjh3-4j3h-vmwp"],"modified":"2026-02-04T03:40:44.576978Z","published":"2025-01-14T15:58:01Z","related":["CGA-f68m-6fjc-v3qh"],"database_specific":{"review_status":"UNREVIEWED","url":"https://pkg.go.dev/vuln/GO-2025-3382"},"references":[{"type":"ADVISORY","url":"https://github.com/notaryproject/notation-go/security/advisories/GHSA-qjh3-4j3h-vmwp"},{"type":"FIX","url":"https://github.com/notaryproject/notation-go/commit/3c3302258ad510fbca2f8a73731569d91f07d196"}],"affected":[{"package":{"name":"github.com/notaryproject/notation-go","ecosystem":"Go","purl":"pkg:golang/github.com/notaryproject/notation-go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"1.3.0-rc.1"},{"fixed":"1.3.0-rc.2"}]}],"ecosystem_specific":{},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2025-3382.json"}}],"schema_version":"1.7.3"}