ΠΠΏΠΈΡΠ°Π½ΠΈΠ΅
regclient is a Docker and OCI Registry Client in Go. A malicious registry could return a different digest for a pinned manifest without detection. This vulnerability is fixed in 0.7.1.
ΠΠ°ΠΊΠ΅ΡΡ
| ΠΠ°ΠΊΠ΅Ρ | Π‘ΡΠ°ΡΡΡ | ΠΠ΅ΡΡΠΈΡ ΠΈΡΠΏΡΠ°Π²Π»Π΅Π½ΠΈΡ | Π Π΅Π»ΠΈΠ· | Π’ΠΈΠΏ |
|---|---|---|---|---|
| golang-github-regclient-regclient | itp | package |
EPSS
ΠΡΠΎΡΠ΅Π½ΡΠΈΠ»Ρ: 13%
0.00044
ΠΠΈΠ·ΠΊΠΈΠΉ
Π‘Π²ΡΠ·Π°Π½Π½ΡΠ΅ ΡΡΠ·Π²ΠΈΠΌΠΎΡΡΠΈ
CVSS3: 5.2
redhat
Π±ΠΎΠ»ΡΡΠ΅ 1 Π³ΠΎΠ΄Π° Π½Π°Π·Π°Π΄
regclient is a Docker and OCI Registry Client in Go. A malicious registry could return a different digest for a pinned manifest without detection. This vulnerability is fixed in 0.7.1.
CVSS3: 5.2
nvd
11 ΠΌΠ΅ΡΡΡΠ΅Π² Π½Π°Π·Π°Π΄
regclient is a Docker and OCI Registry Client in Go. A malicious registry could return a different digest for a pinned manifest without detection. This vulnerability is fixed in 0.7.1.
CVSS3: 5.2
github
Π±ΠΎΠ»ΡΡΠ΅ 1 Π³ΠΎΠ΄Π° Π½Π°Π·Π°Π΄
In regclient, pinned manifest digests may be ignored
EPSS
ΠΡΠΎΡΠ΅Π½ΡΠΈΠ»Ρ: 13%
0.00044
ΠΠΈΠ·ΠΊΠΈΠΉ