Upgrade org.elasticsearch:elasticsearch to version 7.17.16, 8.11.2 or higher.

zot vulnerabilities

Known vulnerabilities in the zot package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
L Improper Privilege Management	<2.1.2-r0
L GHSA-c9p4-xwr9-rfhx	<2.1.2-r0
L GHSA-r9px-m959-cxf4	<2.1.1-r8
L Arbitrary Argument Injection	<2.1.1-r8
L Resource Exhaustion	<2.1.1-r8
L GHSA-v725-9546-7q7m	<2.1.1-r8
L GHSA-w32m-9786-jp63	<2.1.1-r7
L CVE-2024-45338	<2.1.1-r7
L GHSA-v778-237x-gjrc	<2.1.1-r6
L CVE-2024-45337	<2.1.1-r6
L Improper Handling of Exceptional Conditions	<2.1.1-r5
L GHSA-29wx-vh33-7x7r	<2.1.1-r5
L GHSA-4f8r-qqr9-fq8j	<2.1.1-r3
L Race Condition	<2.1.1-r3
H Link Following	<2.1.1-r3
L GHSA-mc76-5925-c5p6	<2.1.1-r3
L GHSA-c77r-fh37-x2px	<2.1.1-r2
H Authentication Bypass	<2.1.1-r2
L GHSA-crqm-pwhx-j97f	<2.1.1-r1
L GHSA-j7vj-rw65-4v26	<2.1.1-r1
L CVE-2024-34156	<2.1.1-r1
L CVE-2024-34155	<2.1.1-r1
L GHSA-8xfx-rj4p-23jm	<2.1.1-r1
L CVE-2024-34158	<2.1.1-r1
L GHSA-v23v-6jw2-98fq	<2.1.0-r2
L CVE-2024-41110	<2.1.0-r2
L GHSA-xr7q-jx4m-x55m	<2.1.0-r1
L GHSA-hw49-2p59-3mhj	<2.0.4-r10
L CVE-2024-24791	<2.0.4-r10
L GHSA-3669-72x9-r9p3	<2.0.4-r9
L CVE-2024-37298	<2.0.4-r9
L GHSA-xfhp-jf8p-mh5w	<2.0.4-r8
L CVE-2024-6257	<2.0.4-r8
M Information Exposure Through Log Files	<2.0.4-r7
L GHSA-v6v8-xj6m-xwqh	<2.0.4-r7
L GHSA-2hmf-46v7-v6fx	<2.0.4-r6
L CVE-2023-49559	<2.0.4-r6
M Race Condition	<2.0.4-r5
L GHSA-m5vv-6r4h-3vj9	<2.0.4-r5
L CVE-2024-35192	<2.0.4-r4
L GHSA-xcq4-m2r3-cmrj	<2.0.4-r4
L Improper Validation of Integrity Check Value	<2.0.4-r2
L GHSA-6wvf-f2vw-3425	<2.0.4-r2
L CVE-2024-24788	<2.0.4-r1
L GHSA-5fq7-4mxc-535h	<2.0.4-r1
L CVE-2024-24787	<2.0.4-r1
L GHSA-2jwv-jmq4-4j3r	<2.0.4-r1
L GHSA-q64h-39hv-4cf7	<2.0.4-r0
L CVE-2024-3817	<2.0.4-r0
L GHSA-4v7x-pqxf-cx7m	<2.0.3-r4
L CVE-2023-45288	<2.0.3-r4
M Allocation of Resources Without Limits or Throttling	<2.0.3-r3
L CVE-2024-29018	<2.0.3-r0
L GHSA-88jx-383q-w4qc	<2.0.3-r3
L GHSA-95pr-fxf5-86gv	<2.0.3-r3
H Allocation of Resources Without Limits or Throttling	<2.0.3-r3
L GHSA-mq39-4gv4-mvpx	<2.0.3-r0
H Origin Validation Error	<2.0.2-r0
L GHSA-xw73-rw38-6vjc	<2.0.2-r0
L CVE-2024-28180	<2.0.1-r7
L CVE-2024-24786	<2.0.2-r0
L GHSA-8r3f-844c-mc37	<2.0.2-r0
L GHSA-c5q2-7r4c-mv6g	<2.0.1-r7
H Use of Uninitialized Resource	<2.0.1-r5
L GHSA-r53h-jv2g-vpx6	<2.0.1-r5
L GHSA-v53g-5gjp-272r	<2.0.1-r3
M Directory Traversal	<2.0.1-r3
L GHSA-m3r6-h7wv-7xxv	<2.0.1-r2
C Directory Traversal	<2.0.1-r2
C Incorrect Authorization	<2.0.1-r2
L GHSA-4v98-7qmw-rqr8	<2.0.1-r2
L GHSA-9p26-698r-w4hx	<2.0.1-r2
L GHSA-xr7r-f8xq-vfvv	<2.0.1-r2
H Race Condition	<2.0.1-r2
M Improper Check for Unusual or Exceptional Conditions	<2.0.1-r2
H Exposure of Resource to Wrong Sphere	<2.0.1-r2
L GHSA-wr6v-9f75-vh2g	<2.0.1-r2
L GHSA-9763-4f94-gfch	<2.0.0-r2
L GHSA-mw99-9chc-xw7r	<2.0.0-r1
L GHSA-45x7-px36-x8w8	<2.0.0-r1
M Improper Validation of Integrity Check Value	<2.0.0-r1
H CVE-2023-49568	<2.0.0-r1
L GHSA-7ww5-4wqc-m92c	<2.0.0-r1
L GHSA-2wrh-6pvc-2jm9	<1.4.3-r9
L GHSA-4374-p667-p6c8	<1.4.3-r9
H Allocation of Resources Without Limits or Throttling	<1.4.3-r9
M Cross-site Scripting (XSS)	<1.4.3-r9

Vulnerability

Vulnerable Version

Improper Privilege Management

<2.1.2-r0

GHSA-c9p4-xwr9-rfhx

<2.1.2-r0

GHSA-r9px-m959-cxf4

<2.1.1-r8

Arbitrary Argument Injection

<2.1.1-r8

Resource Exhaustion

<2.1.1-r8