VYPR

Go modules package

zotregistry.io/zot

pkg:golang/zotregistry.io/zot

Vulnerabilities (1)

  • CVE-2024-39897Jul 9, 2024
    affected < 2.1.0fixed 2.1.0

    zot is an OCI image registry. Prior to 2.1.0, the cache driver `GetBlob()` allows read access to any blob without access control check. If a Zot `accessControl` policy allows users read access to some repositories but restricts read access to other repositories and `dedupe` is en