depscope
Packages
IntegrateAPI DocsCuratorBenchmarkCoverage
Sign inGet API access
depscope/go/zotregistry.dev/zot

zotregistry.dev/zot

govv1.4.3

82 versions0 deps
26
/ 100
Health
update required

zotregistry.dev/[email protected] has vulnerabilities — update to latest

Update to >= 2.1.15 to fix known vulnerabilities

  • Low health score (26/100)
  • 2 high severity vulnerabilities
Health breakdown0 – 100
0/25
maintenance
0/20
popularity
11/25
security
15/15
maturity
0/15
community
Vulnerabilities
8
2 high2 medium4 low
Advisories (8)
SeverityIDSummaryFixed in
mediumCVE-2024-39897Cache driver GetBlob() allows read access to any blob without access control check2.1.0
highCVE-2026-31801zot’s create-only policy allows overwrite attempts of existing latest tag (update permission not required)2.1.15
mediumCVE-2025-48374zot logs secrets1.4.4-0.20250522160828-8a99a3ed231f
highCVE-2025-23208Zot IdP group membership revocation ignored2.1.2
unknownCVE-2024-39897Cache driver GetBlob() allows read access to any blob without access control check in zotregistry.dev/zot—
unknownCVE-2025-23208Zot IdP group membership revocation ignored in zotregistry.dev/zot—
unknownCVE-2025-48374zot logs secrets in zotregistry.dev/zot1.4.4-0.20250522160828-8a99a3ed231f
unknownCVE-2026-31801zot’s create-only policy allows overwrite attempts of existing latest tag (update permission not required) in zotregistry.dev/zot2.1.15

Health History

Dependency Tree

License Audit

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/go/zotregistry.dev/zot

Last updated · 2022-11-30T07:35:06Z

DepScope

Package intelligence for AI agents. 19 ecosystems.

Resources
API DocumentationHallucination BenchmarkFor EnterpriseSwagger / OpenAPIPopular PackagesCoverageAI Plugin SetupWatch the pitch (60s)
Legal
Legal hubPrivacy PolicyTerms of ServiceCookie PolicyAcceptable UseAttributionDPASub-processorsSecurityImprintContact中文
© 2026 Cuttalo srl — Italy · VAT IT03242390734Built for AI agents