Project-zot Zot
4 CVEs affecting Project-zot Zot. Latest disclosed: 2026-03-10. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-31801 | High | 7.7 | 2026-03-10 | zot is ancontainer image/artifact registry based on the Open Container Initiative Distribution Specification. From 1.3.0 to 2.1.14, zot’s dist-spec authorizati… |
CVE-2025-23208 | High | 7.3 | 2025-01-17 | zot is a production-ready vendor-neutral OCI image registry. The group data stored for users in the boltdb database (meta.db) is an append-list so group revoca… |
CVE-2024-39897 | Medium | 4.3 | 2024-07-09 | zot is an OCI image registry. Prior to 2.1.0, the cache driver `GetBlob()` allows read access to any blob without access control check. If a Zot `accessControl… |
CVE-2025-48374 | | 2025-05-22 | zot is ancontainer image/artifact registry based on the Open Container Initiative Distribution Specification. Prior to version 2.1.3 (corresponding to pseudove… |