18 matches found

Cvelist
added 2026/03/10 8:54 p.m. · 22 views

CVE-2026-31801 zot create-only policy allows overwrite attempts of existing latest tag (update permission not required)

zot is a container image/artifact registry based on the Open Container Initiative Distribution Specification. From 1.3.0 to 2.1.14, zot’s dist-spec authorization middleware infers the required action for PUT /v2/name/manifests/reference as create by default, and only switches to update when the t...

7.7 CVSS · 0.00044 EPSS
Exploits 1 · References 1
ATTACKERKB
added 2026/03/10 8:54 p.m. · 0 views

CVE-2026-31801

zot is a container image/artifact registry based on the Open Container Initiative Distribution Specification. From 1.3.0 to 2.1.14, zot’s dist-spec authorization middleware infers the required action for PUT /v2/name/manifests/reference as create by default, and only switches to update when the t...

7.7 CVSS · 5.8 AI score · 0.00044 EPSS
Exploits 1 · References 2 · Affected Software 1
EUVD
added 2025/10/07 12:30 a.m. · 1 views

EUVD-2021-2367

Malware in sbrugna...

5 CVSS · 5.8 AI score · 0.00383 EPSS
Exploits 0 · References 35
Github Security Blog
added 2024/06/10 6:39 p.m. · 11 views

Moby (Docker Engine) is vulnerable to Ambiguous OCI manifest parsing

Impact: In the OCI Distribution Specification version 1.0.0 and prior and in the OCI Image Specification version 1.0.1 and prior, manifest and index documents are ambiguous without an accompanying Content-Type HTTP header. Versions of Moby Docker Engine prior to 20.10.11 treat the Content-Type...

7 AI score
Exploits 0 · References 2 · Affected Software 2
Tenable Nessus
added 2023/11/16 12:00 a.m. · 25 views

Amazon Linux 2 : containerd (ALASECS-2023-026)

The version of containerd installed on the remote host is prior to 1.4.6-7. It is, therefore, affected by a vulnerability as referenced in the ALAS2ECS-2023-026 advisory. The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OC...

5 CVSS · 7 AI score · 0.00383 EPSS
Exploits 0 · References 4
IBM Security Bulletins
added 2023/02/14 9:14 p.m. · 37 views

Security Bulletin: IBM CICS TX Standard is vulnerable to an Open Container Initiative Distribution Specification vulnerability (CVE-2021-41190).

Summary: IBM CICS TX Standard is vulnerable to an Open Container Initiative Distribution Specification vulnerability CVE-2021-41190. The fix removes this vulnerability from IBM CICS TX Standard. Vulnerability Details: CVEID: CVE-2021-41190 DESCRIPTION: Open Container Initiative Distribution...

5 CVSS · 5.5 AI score · 0.00383 EPSS
Exploits 0 · Affected Software 1
IBM Security Bulletins
added 2023/02/14 9:04 p.m. · 41 views

Security Bulletin: IBM CICS TX Advanced is vulnerable to an Open Container Initiative Distribution Specification vulnerability (CVE-2021-41190).

Summary: IBM CICS TX Advanced is vulnerable to an Open Container Initiative Distribution Specification vulnerability CVE-2021-41190. The fix removes this vulnerability from IBM CICS TX Advanced. Vulnerability Details: CVEID: CVE-2021-41190 DESCRIPTION: Open Container Initiative...

5 CVSS · 5.5 AI score · 0.00383 EPSS
Exploits 0 · Affected Software 1
Tenable Nessus
added 2022/05/04 12:00 a.m. · 70 views

SUSE SLES12 Security Update : containerd, docker (SUSE-SU-2022:1507-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1507-1 advisory. - The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI...

7.5 CVSS · 7.6 AI score · 0.06046 EPSS
Exploits 4 · References 17
Mageia
added 2021/12/02 4:49 p.m. · 299 views

Updated docker-containerd packages fix security vulnerability

The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distribution Specification version 1.0.0 and prior, the Content-Type header alone was used to determine the type of document during push and pull operations. Documents...

5 CVSS · 1.6 AI score · 0.00383 EPSS
Exploits 0 · References 2
Github Security Blog
added 2021/11/18 4:13 p.m. · 57 views

Clarify Content-Type handling

Impact: In the OCI Distribution Specification version 1.0.0 and prior, the Content-Type header alone was used to determine the type of document during push and pull operations. Documents that contain both “manifests” and “layers” fields could be interpreted as either a manifest or an index in the...

5 CVSS · 1 AI score · 0.00383 EPSS
Exploits 0 · References 13 · Affected Software 1
OSV
added 2021/11/18 4:08 p.m. · 20 views

GHSA-5J5W-G665-5M35 Ambiguous OCI manifest parsing

Impact: In the OCI Distribution Specification version 1.0.0 and prior and in the OCI Image Specification version 1.0.1 and prior, manifest and index documents are ambiguous without an accompanying Content-Type HTTP header. Versions of containerd prior to 1.4.12 and 1.5.8 treat the Content-Type...

3 CVSS · 7 AI score
Exploits 0 · References 8
Github Security Blog
added 2021/11/18 4:08 p.m. · 38 views

Ambiguous OCI manifest parsing

Impact: In the OCI Distribution Specification version 1.0.0 and prior and in the OCI Image Specification version 1.0.1 and prior, manifest and index documents are ambiguous without an accompanying Content-Type HTTP header. Versions of containerd prior to 1.4.12 and 1.5.8 treat the Content-Type...

1 AI score
Exploits 0 · References 8 · Affected Software 1
Amazon
added 2021/11/18 12:00 a.m. · 47 views

Medium: containerd, docker

Issue Overview: In the OCI Distribution Specification version 1.0.0 and prior and in the OCI Image Specification version 1.0.1 and prior, manifest and index documents are ambiguous without an accompanying Content-Type HTTP header. Versions of Moby Docker Engine prior to 20.10.11 and versions of...

5 CVSS · 6.9 AI score · 0.00383 EPSS
Exploits 0
OSV
added 2021/11/17 8:15 p.m. · 3 views

AZL-44925 CVE-2021-41190 affecting package umoci 0.4.7-13

The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distribution Specification version 1.0.0 and prior, the Content-Type header alone was used to determine the type of document during push and pull operations. Documents...

5 CVSS · 6.5 AI score · 0.00383 EPSS
Exploits 0 · References 1
UbuntuCve
added 2021/11/17 8:15 p.m. · 36 views

CVE-2021-41190

The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distribution Specification version 1.0.0 and prior, the Content-Type header alone was used to determine the type of document during push and pull operations. Documents...

5 CVSS · 6.6 AI score · 0.00383 EPSS
Exploits 0 · References 5
OSV
added 2021/11/17 8:15 p.m. · 0 views

UBUNTU-CVE-2021-41190

The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distribution Specification version 1.0.0 and prior, the Content-Type header alone was used to determine the type of document during push and pull operations. Documents...

5 CVSS · 6.6 AI score · 0.00383 EPSS
Exploits 0 · References 6
CNNVD
added 2021/11/17 12:00 a.m. · 1 views

Oci Distribution-Spec code issue vulnerability

Oci Distribution-Spec is an Oci distribution specification. A code issue vulnerability exists in Oci Distribution-Spec that stems from the product's use of the Content-Type header to determine the document type, among other actions. An attacker could use this vulnerability to cause text content t...

5 CVSS · 7.2 AI score · 0.00383 EPSS
Exploits 0 · References 32
Positive Technologies
added 2021/11/17 12:00 a.m. · 2 views

PT-2021-7848 · Unknown +7 · Oci Distribution Specification +7

Name of the Vulnerable Software and Affected Versions: OCI Distribution Specification versions 1.0.0 and prior Description: The issue concerns the OCI Distribution Specification, which defines an API protocol for content distribution. In versions 1.0.0 and prior, the Content-Type header alone was...

8.5 CVSS · 6.8 AI score · 0.13305 EPSS
Exploits 19 · References 303