3 matches found
zot 安全漏洞
Zot is an open-source OCI image registry developed by The Zot Project. Versions 1.3.0 to 2.1.14 of Zot contain security vulnerabilities. These vulnerabilities stem from the improper operation inference of the dist-spec authorization middleware when handling PUT /v2/name/manifests/reference...
RHEL 10 : skopeo (RHSA-2025:23348)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:23348 advisory. The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify...
CVE-2025-48374
zot is ancontainer image/artifact registry based on the Open Container Initiative Distribution Specification. Prior to version 2.1.3 corresponding to pseudoversion 1.4.4-0.20250522160828-8a99a3ed231f, when using Keycloak as an oidc provider, the clientsecret gets printed into the container stdout...