Vulnerability Database
Blog
FAQ
Docs
GO-2024-3038
See a problem?
Source
https://pkg.go.dev/vuln/GO-2024-3038
Import Source
https://vuln.go.dev/ID/GO-2024-3038.json
JSON Data
https://api.osv.dev/v1/vulns/GO-2024-3038
Aliases
GHSA-qv35-3gw6-8q4j
Published
2024-08-06T22:03:16Z
Modified
2024-08-06T22:27:17.922448Z
Summary
In regclient, pinned manifest digests may be ignored in github.com/regclient/regclient
Details
In regclient, pinned manifest digests may be ignored in github.com/regclient/regclient
References
https://github.com/regclient/regclient/security/advisories/GHSA-qv35-3gw6-8q4j
https://github.com/regclient/regclient/commit/7d17cff26c22196b5ddd66bda8c5ee4abf3d1269
Affected packages
Go
/
github.com/regclient/regclient
Package
Name
github.com/regclient/regclient
View open source insights on deps.dev
Purl
pkg:golang/github.com/regclient/regclient
Affected ranges
Type
SEMVER
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0.7.1
GO-2024-3038 - OSV