CVE-2025-23208 : ZOT UP TO 2.1.1 API SETUSERGROUPS PRIVILEGES MANAGEMENT - Prophaze

CVE-2025-23208 : ZOT UP TO 2.1.1 API SETUSERGROUPS PRIVILEGES MANAGEMENT

Description

zot is a production-ready vendor-neutral OCI image registry. The group data stored for users in the boltdb database (meta.db) is an append-list so group revocations/removals are ignored in the API. SetUserGroups is alled on login, but instead of replacing the group memberships, they are appended. This may be due to some conflict with the group definitions in the config file, but that wasn’t obvious to me if it were the case. Any Zot configuration that relies on group-based authorization will not respect group remove/revocation by an IdP. This issue has been addressed in version 2.1.2. All users are advised to upgrade. There are no known workarounds for this vulnerability.

References

https://github.com/project-zot/zot/security/advisories/GHSA-c9p4-xwr9-rfhx

https://github.com/project-zot/zot/commit/002ac62d8a15bf0cba010b3ba7bde86f9837b613

https://github.com/project-zot/zot/blob/5e30fec65c49e3139907e2819ccb39b2e3bd784e/pkg/meta/boltdb/boltdb.go#L1665

For More Information

Contact us to get started

CVE-2025-23208 : ZOT UP TO 2.1.1 API SETUSERGROUPS PRIVILEGES MANAGEMENT

CVE-2025-23208 : ZOT UP TO 2.1.1 API SETUSERGROUPS PRIVILEGES MANAGEMENT

Description zot is a production-ready vendor-neutral OCI image registry. The group data stored for users in the boltdb database (meta.db)

CVE-2024-12867 : ARCTIC SECURITY ARCTIC HUB UP TO 5.5.1872 CONFIGURATION SERVER-SIDE REQUEST FORGERY

CVE-2024-12867 : ARCTIC SECURITY ARCTIC HUB UP TO 5.5.1872 CONFIGURATION SERVER-SIDE REQUEST FORGERY

Description Server-Side Request Forgery in URL Mapper in Arctic Security’s Arctic Hub versions 3.0.1764-5.6.1877 allows an unauthenticated remote attacker to

CVE-2024-12840 : RED HAT SATELLITE HTTP PROXY SERVER-SIDE REQUEST FORGERY

CVE-2024-12840 : RED HAT SATELLITE HTTP PROXY SERVER-SIDE REQUEST FORGERY

Description A server-side request forgery exists in Satellite. When a PUT HTTP request is made to /http_proxies/test_connection, when supplied with

img:is([sizes="auto" i],[sizes^="auto," i]){contain-intrinsic-size:3000px 1500px;}.wp-block-button__link{color:#fff;background-color:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em;}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none;}:root{--wp--preset--aspect-ratio--square:1;--wp--preset--aspect-ratio--4-3:4/3;--wp--preset--aspect-ratio--3-4:3/4;--wp--preset--aspect-ratio--3-2:3/2;--wp--preset--aspect-ratio--2-3:2/3;--wp--preset--aspect-ratio--16-9:16/9;--wp--preset--aspect-ratio--9-16:9/16;--wp--preset--color--black:#000;--wp--preset--color--cyan-bluish-gray:#abb8c3;--wp--preset--color--white:#fff;--wp--preset--color--pale-pink:#f78da7;--wp--preset--color--vivid-red:#cf2e2e;--wp--preset--color--luminous-vivid-orange:#ff6900;--wp--preset--color--luminous-vivid-amber:#fcb900;--wp--preset--color--light-green-cyan:#7bdcb5;--wp--preset--color--vivid-green-cyan:#00d084;--wp--preset--color--pale-cyan-blue:#8ed1fc;--wp--preset--color--vivid-cyan-blue:#0693e3;--wp--preset--color--vivid-purple:#9b51e0;--wp--preset--color--pink:#ff3467;--wp--preset--color--blue:#2550de;--wp--preset--color--light-blue:#287ac7;--wp--preset--color--dark-blue:#353f58;--wp--preset--color--silver:#656970;--wp--preset--color--clouds:#f7fbff;--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple:linear-gradient(135deg,rgba(6,147,227,1) 0%,#9b51e0 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan:linear-gradient(135deg,#7adcb4 0%,#00d082 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange:linear-gradient(135deg,rgba(252,185,0,1) 0%,rgba(255,105,0,1) 100%);--wp--preset--gradient--luminous-vivid-orange-to-vivid-red:linear-gradient(135deg,rgba(255,105,0,1) 0%,#cf2e2e 100%);--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray:linear-gradient(135deg,#eee 0%,#a9b8c3 100%);--wp--preset--gradient--cool-to-warm-spectrum:linear-gradient(135deg,#4aeadc 0%,#9778d1 20%,#cf2aba 40%,#ee2c82 60%,#fb6962 80%,#fef84c 100%);--wp--preset--gradient--blush-light-purple:linear-gradient(135deg,#ffceec 0%,#9896f0 100%);--wp--preset--gradient--blush-bordeaux:linear-gradient(135deg,#fecda5 0%,#fe2d2d 50%,#6b003e 100%);--wp--preset--gradient--luminous-dusk:linear-gradient(135deg,#ffcb70 0%,#c751c0 50%,#4158d0 100%);--wp--preset--gradient--pale-ocean:linear-gradient(135deg,#fff5cb 0%,#b6e3d4 50%,#33a7b5 100%);--wp--preset--gradient--electric-grass:linear-gradient(135deg,#caf880 0%,#71ce7e 100%);--wp--preset--gradient--midnight:linear-gradient(135deg,#020381 0%,#2874fc 100%);--wp--preset--font-size--small:13px;--wp--preset--font-size--medium:20px;--wp--preset--font-size--large:36px;--wp--preset--font-size--x-large:42px;--wp--preset--spacing--20:.44rem;--wp--preset--spacing--30:.67rem;--wp--preset--spacing--40:1rem;--wp--preset--spacing--50:1.5rem;--wp--preset--spacing--60:2.25rem;--wp--preset--spacing--70:3.38rem;--wp--preset--spacing--80:5.06rem;--wp--preset--shadow--natural:6px 6px 9px rgba(0,0,0,.2);--wp--preset--shadow--deep:12px 12px 50px rgba(0,0,0,.4);--wp--preset--shadow--sharp:6px 6px 0px rgba(0,0,0,.2);--wp--preset--shadow--outlined:6px 6px 0px -3px rgba(255,255,255,1),6px 6px rgba(0,0,0,1);--wp--preset--shadow--crisp:6px 6px 0px rgba(0,0,0,1);}:where(.is-layout-flex){gap:.5em;}:where(.is-layout-grid){gap:.5em;}body .is-layout-flex{display:flex;}.is-layout-flex{flex-wrap:wrap;align-items:center;}.is-layout-flex > :is(*,div){margin:0;}body .is-layout-grid{display:grid;}.is-layout-grid > :is(*,div){margin:0;}:where(.wp-block-columns.is-layout-flex){gap:2em;}:where(.wp-block-columns.is-layout-grid){gap:2em;}:where(.wp-block-post-template.is-layout-flex){gap:1.25em;}:where(.wp-block-post-template.is-layout-grid){gap:1.25em;}.has-black-color{color:var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-color{color:var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-color{color:var(--wp--preset--color--white) !important;}.has-pale-pink-color{color:var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-color{color:var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color:var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{color:var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-color{color:var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-color{color:var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-color{color:var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-color{color:var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-color{color:var(--wp--preset--color--vivid-purple) !important;}.has-black-background-color{background-color:var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-background-color{background-color:var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-background-color{background-color:var(--wp--preset--color--white) !important;}.has-pale-pink-background-color{background-color:var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-background-color{background-color:var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-background-color{background-color:var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-background-color{background-color:var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-background-color{background-color:var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-background-color{background-color:var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-background-color{background-color:var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-background-color{background-color:var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-background-color{background-color:var(--wp--preset--color--vivid-purple) !important;}.has-black-border-color{border-color:var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-border-color{border-color:var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-border-color{border-color:var(--wp--preset--color--white) !important;}.has-pale-pink-border-color{border-color:var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-border-color{border-color:var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-border-color{border-color:var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-border-color{border-color:var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-border-color{border-color:var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-border-color{border-color:var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-border-color{border-color:var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-border-color{border-color:var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-border-color{border-color:var(--wp--preset--color--vivid-purple) !important;}.has-vivid-cyan-blue-to-vivid-purple-gradient-background{background:var(--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple) !important;}.has-light-green-cyan-to-vivid-green-cyan-gradient-background{background:var(--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan) !important;}.has-luminous-vivid-amber-to-luminous-vivid-orange-gradient-background{background:var(--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange) !important;}.has-luminous-vivid-orange-to-vivid-red-gradient-background{background:var(--wp--preset--gradient--luminous-vivid-orange-to-vivid-red) !important;}.has-very-light-gray-to-cyan-bluish-gray-gradient-background{background:var(--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray) !important;}.has-cool-to-warm-spectrum-gradient-background{background:var(--wp--preset--gradient--cool-to-warm-spectrum) !important;}.has-blush-light-purple-gradient-background{background:var(--wp--preset--gradient--blush-light-purple) !important;}.has-blush-bordeaux-gradient-background{background:var(--wp--preset--gradient--blush-bordeaux) !important;}.has-luminous-dusk-gradient-background{background:var(--wp--preset--gradient--luminous-dusk) !important;}.has-pale-ocean-gradient-background{background:var(--wp--preset--gradient--pale-ocean) !important;}.has-electric-grass-gradient-background{background:var(--wp--preset--gradient--electric-grass) !important;}.has-midnight-gradient-background{background:var(--wp--preset--gradient--midnight) !important;}.has-small-font-size{font-size:var(--wp--preset--font-size--small) !important;}.has-medium-font-size{font-size:var(--wp--preset--font-size--medium) !important;}.has-large-font-size{font-size:var(--wp--preset--font-size--large) !important;}.has-x-large-font-size{font-size:var(--wp--preset--font-size--x-large) !important;}:where(.wp-block-post-template.is-layout-flex){gap:1.25em;}:where(.wp-block-post-template.is-layout-grid){gap:1.25em;}:where(.wp-block-columns.is-layout-flex){gap:2em;}:where(.wp-block-columns.is-layout-grid){gap:2em;}:root :where(.wp-block-pullquote){font-size:1.5em;line-height:1.6;}.e-con.e-parent:nth-of-type(n+4):not(.e-lazyloaded):not(.e-no-lazyload),.e-con.e-parent:nth-of-type(n+4):not(.e-lazyloaded):not(.e-no-lazyload) *{background-image:none !important;}@media screen and (max-height: 1024px){.e-con.e-parent:nth-of-type(n+3):not(.e-lazyloaded):not(.e-no-lazyload),.e-con.e-parent:nth-of-type(n+3):not(.e-lazyloaded):not(.e-no-lazyload) *{background-image:none !important;}.e-con.e-parent:nth-of-type(n+3):not(.e-lazyloaded):not(.e-no-lazyload).nitro-lazy,.e-con.e-parent:nth-of-type(n+3):not(.e-lazyloaded):not(.e-no-lazyload) *.nitro-lazy{background-image:none !important;}}@media screen and (max-height: 640px){.e-con.e-parent:nth-of-type(n+2):not(.e-lazyloaded):not(.e-no-lazyload),.e-con.e-parent:nth-of-type(n+2):not(.e-lazyloaded):not(.e-no-lazyload) *{background-image:none !important;}.e-con.e-parent:nth-of-type(n+2):not(.e-lazyloaded):not(.e-no-lazyload).nitro-lazy,.e-con.e-parent:nth-of-type(n+2):not(.e-lazyloaded):not(.e-no-lazyload) *.nitro-lazy{background-image:none !important;}}.e-con.e-parent:nth-of-type(n+4):not(.e-lazyloaded):not(.e-no-lazyload).nitro-lazy,.e-con.e-parent:nth-of-type(n+4):not(.e-lazyloaded):not(.e-no-lazyload) *.nitro-lazy{background-image:none !important;}body.custom-background{background-color:#fff;}@media (min-width: 992px){.nav__flex-parent{height:90px;}.nav{min-height:90px;}.nav__menu > li > a{line-height:90px;}.nav--sticky.sticky .nav__flex-parent{height:68px;}.nav--sticky.sticky .nav__menu > li > a{line-height:68px;color:#656970;}.nav__menu > li{padding-left:12px;padding-right:12px;}.nav--default{background-color:rgba(255,255,255,0);}.nav--default .nav__menu > li > a{color:#000;}.nav--default .nav__dropdown-menu,.nav--default .nav__menu > .nav__dropdown > .nav__dropdown-menu:before{background-color:#001b70;}.nav--default .nav__dropdown-menu > li > a{color:#fff;}.nav--default .nav__dropdown-menu > li > a:hover,.nav--default .nav__dropdown-menu > li > a:focus{color:#5579fd;}.nav--sticky.sticky{background-color:rgba(255,255,255,1);}.nav--sticky.sticky .nav__menu > li > a:hover,.nav--sticky.sticky .nav__menu > li.active > a,.nav--sticky.sticky .nav__menu > .current_page_parent > a,.nav--sticky.sticky .nav__menu .current-menu-item > a{color:#1e73be;}.nav--transparent{background-color:rgba(255,255,255,0);}.nav--transparent .nav__menu > li > a{color:#fff;}.nav--transparent .nav__menu > li > a:hover,.nav--transparent .nav__menu > li > a:focus .nav--transparent .nav__menu > li.active > a,.nav--transparent .nav__menu > .current_page_parent > a{color:#fff;}.nav--transparent .nav__dropdown-menu,.nav--transparent .nav__menu > .nav__dropdown > .nav__dropdown-menu:before{background-color:#fff;}.nav--transparent .nav__dropdown-menu > li:not(.current-menu-item) > a{color:#656970;}.nav--transparent .nav__dropdown-menu > li > a:hover,.nav--transparent .nav__dropdown-menu > li > a:focus{color:#2550de;}}@media (max-width: 991px){.nav__header{height:60px;}.nav{min-height:60px;background-color:#fff;}.nav__menu > li > a{color:#353f58;}.nav__menu li a{border-bottom-color:rgba(231,234,240,1);}}.nav__header .logo{max-height:60px;}.nav--sticky.sticky .nav__header .logo{max-height:48px;}.page-title{padding-top:90px;padding-bottom:115px;background-color:#fff;}a,.loader,.highlight,.comment-edit-link,.footer .widget.widget_calendar a,.widget_rss .rsswidget:hover,.widget_recent_entries a:hover,.widget_recent_comments a:hover,.widget_nav_menu a:hover,.widget_archive a:hover,.widget_pages a:hover,.widget_categories a:hover,.widget_meta a:hover,.footer__nav-menu li a:hover,.footer__widgets .widget a:hover,.copyright a:hover,.copyright a:focus,.link-underline:hover,.link-underline:focus,.case-study__category:hover,.case-study__category:focus{color:#c0c1c2;}.btn,.btn--color,button,input[type="button"],input[type="reset"],input[type="submit"],.button,.btn--button:focus,.btn:hover,.elementor-widget-button .elementor-button,a.cc-btn.cc-dismiss,.mc4wp-form-fields input[type=submit]:focus,.post-password-form label + input,#back-to-top:hover,.widget_tag_cloud a:hover,.entry__tags a:hover,.page-numbers.current,.pagination a:hover,.link-underline:after,.project-filter a.active,.project-filter a:hover,.project-filter a:focus{background-color:#c0c1c2;}input:focus,textarea:focus{border-color:#1f1ddb;}.elementor-widget-tabs .elementor-tab-title.elementor-active{border-top-color:#c0c1c2;}.blog-section,.archive-section,.search-results-section{background-color:#fff;}.nav--default .nav__menu > li > a:hover,.nav--default .nav__menu > li > a:focus,.nav--default .nav__menu > li.active > a,.nav--default .nav__menu > .current_page_parent > a,.nav--default .nav__menu .current-menu-item > a{color:#1e73be;}.nav--default .nav__btn{background-color:#001b70;color:#fff;}.nav--default .nav__btn:hover,.nav--default .nav__btn:focus{background-color:#d11c46;}.nav--sticky.sticky .nav__btn{background-color:#001b70;color:#fff;}.nav--transparent .nav__btn{background-color:#ff3467;color:#fff;}.nav--transparent .nav__btn:hover,.nav--default .nav__btn:focus{background-color:#81d742;}.nav__icon-toggle-bar{background-color:#282e38;}.page-title__title{color:#353f58;}.page-title__subtitle{color:#656970;}.breadcrumbs-wrap{background-color:#f7fbff;}.breadcrumbs a{color:#353f58;}.breadcrumbs__separator{color:#656970;}.breadcrumbs > span{color:#656970;}.entry__article p a,.entry__article li:not(.wp-social-link) a{color:#000;}.entry__meta li,.entry__meta a,.comment-date{color:#fff;}h1,h2,h3,h4,h5,h6{color:#353f58;}body,.deo-newsletter-gdpr-checkbox__label,figcaption,.comment-form-cookies-consent label,.pagination span,.pagination a{color:#656970;}.elementor-widget-wp-widget-recent-posts a,.widget_recent_entries a,.elementor-widget-wp-widget-nav_menu a,.widget_nav_menu a,.elementor-widget-wp-widget-categories a,.widget_categories a,.elementor-widget-wp-widget-pages a,.widget_pages a,.elementor-widget-wp-widget-pages-archives a,.widget_archive a,.elementor-widget-wp-widget-meta a,.widget_meta a{color:#656970;}.footer{background-color:#032747;}.footer__bottom,.footer{border-color:#fff;}.footer .widget-title{color:#000;}.footer,.footer .social,.footer__nav-menu li a,.footer .widget_recent_entries a,.footer .widget_nav_menu a,.footer .widget_categories a,.footer .widget_pages a,.footer .widget_archive a,.footer .widget_meta a{color:#fff;}.copyright,.copyright a{color:#fff;}.footer__col-2 > .widget:first-child .widget-title{color:#46d19b;}.footer__col-2 > .widget:last-child .widget-title{color:#fff;}.footer__col-3 > .widget:first-child .widget-title{color:#fff;}.footer__col-3 > .widget:last-child .widget-title{color:#f38e26;}.cc-window{background-color:#114a9a;}.cc-message{color:#fff;}.cc-link,.cc-link:active,.cc-link:visited,.cc-link:hover,.cc-link:focus{color:#fff;}a.cc-btn.cc-dismiss{background-color:#3f890b;color:#fff;}h1,.h1{font-family:Rubik;font-size:38px;font-weight:500;letter-spacing:-.05em;line-height:1.3;}h2,.h2{font-family:Rubik;font-size:32px;font-weight:500;letter-spacing:-.05em;line-height:1.3;}h3,.h3{font-family:Rubik;font-size:28px;font-weight:500;letter-spacing:-.05em;line-height:1.3;}h4,.h4{font-family:Rubik;font-size:24px;font-weight:500;letter-spacing:-.05em;line-height:1.3;}h5,.h5{font-family:Rubik;font-size:20px;font-weight:500;letter-spacing:-.05em;line-height:1.3;}h6,.elementor-widget-tabs .elementor-tab-title,.elementor-accordion .elementor-tab-title{font-family:Rubik;font-size:16px;font-weight:500;letter-spacing:-.05em;line-height:1.3;}body,input{font-size:15px;}.entry__article{font-size:1.125rem;line-height:1.8;}.nav__menu li a{font-size:16px;}