Workflow

In-toto

Latest version: v2.3.0

The latest version of in-toto with no known security vulnerabilities is 2.3.0. We recommend installing version 2.3.0.

The information on this page was curated by experts in our Cybersecurity Intelligence Team.

Latest release
v2.3.0 at April 10, 2024
License
Apache-2.0 (Apache License 2.0)

Description

A framework to define and secure the integrity of software supply chains

Resources

Vulnerabilities (4)

See all vulnerabilities
CVE-2023-32076
Affected versions:

<2.0.0

In-toto 2.0.0 fixes a security issue: Configuration Read From …
PVE-2023-58653
Affected versions:

<2.0.0

In-toto 2.0.0 fixes a security issue: PGP trust model not (ful…
PVE-2023-58647
Affected versions:

<2.0.0

In-toto 2.0.0 fixes a security issue: Functionaries Do Not Per…
CVE-2020-36242
Affected versions:

<1.0.1

In-toto version 1.0.1 updates its dependency "cryptography" to…

Versions (29)

See all versions

Has known vulnerabilities

  • 2.3.0
  • 2.2.0
  • 2.1.1
  • 2.1.0
  • 2.0.0
  • 1.4.0
  • 1.3.2
  • 1.3.1
  • 1.3.0
  • 1.2.0
  • 1.1.1
  • 1.1.0
  • 1.0.1
  • 1.0.0
  • 0.5.0
  • 0.4.2
  • 0.4.1
  • 0.4.0
  • 0.3.0
  • 0.2.3