pkg:Go/zotregistry.dev/zot

共 8 筆 CVEHIGH4MEDIUM2

✅ 檢查你的版本

所有已知漏洞

  • HIGH7.7CVE-2026-31801zot’s create-only policy allows overwrite attempts of existing latest tag (update permission not required)
    from 0
  • HIGH7.7CVE-2026-31801zot’s create-only policy allows overwrite attempts of existing latest tag (update permission not required)
    >= 1.3.0-20210831063041-c8779d9e87d9, <= 1.4.4-20251014054906-73eef25681af
  • HIGH7.3CVE-2025-23208Zot IdP group membership revocation ignored
    from 0
  • HIGH7.3CVE-2025-23208Zot IdP group membership revocation ignored
    from 0, < 2.1.2
  • MEDIUM4.3CVE-2024-39897Cache driver GetBlob() allows read access to any blob without access control check
    from 0
  • MEDIUM4.3CVE-2024-39897Cache driver GetBlob() allows read access to any blob without access control check
    from 0, < 2.1.0
  • CVE-2025-48374zot logs secrets
    from 0, < 1.4.4-0.20250522160828-8a99a3ed231f
  • CVE-2025-48374zot logs secrets
    from 0, < 1.4.4-0.20250522160828-8a99a3ed231f