Improper Access Control
github.com/project-zot/zot is vulnerable to Improper Access Control. The vulnerability is due to improper access control enforcement when deduplication is enabled. An attacker can read blobs both config and layers by digest from repositories they do not have access to by exploiting the global cac...