Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3
CVE-2025-23208
- EPSS 0.14%
- Published 17.01.2025 23:15:13
- Last modified 04.03.2025 14:45:17
zot is a production-ready vendor-neutral OCI image registry. The group data stored for users in the boltdb database (meta.db) is an append-list so group revocations/removals are ignored in the API. SetUserGroups is alled on login, but instead of repl...
4.3
CVE-2024-39897
- EPSS 0.27%
- Published 09.07.2024 19:15:12
- Last modified 23.04.2025 17:30:11
zot is an OCI image registry. Prior to 2.1.0, the cache driver `GetBlob()` allows read access to any blob without access control check. If a Zot `accessControl` policy allows users read access to some repositories but restricts read access to other r...
1