CVE-2025-24882

MEDIUM Year: 2025
CVSS v3 Score
5.2
Medium
Weakness Type
CWE-20
View all →

Vulnerability Description

regclient is a Docker and OCI Registry Client in Go. A malicious registry could return a different digest for a pinned manifest without detection. This vulnerability is fixed in 0.7.1.

Related Vulnerabilities

CVE-2021-25338

MEDIUM
CVSS:5.2(Medium)

Improper memory access control in RKP in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows an attacker, given a compromised kernel, to write certain part of RKP EL2 memory region.

CWE-202021

CVE-2021-25339

MEDIUM
CVSS:5.2(Medium)

Improper address validation in HArx in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows an attacker, given a compromised kernel, to corrupt EL2 memory.

CWE-202021

CVE-2023-1789

MEDIUM
CVSS:5.2(Medium)

Improper Input Validation in GitHub repository firefly-iii/firefly-iii prior to 6.0.0.

CWE-202023

CVE-2023-35163

MEDIUM
CVSS:5.2(Medium)

Vega is a decentralized trading platform that allows pseudo-anonymous trading of derivatives on a blockchain. Prior to version 0.71.6, a vulnerability exists that allows a malicious validator to trick...

CWE-202023

CVE-2023-39950

MEDIUM
CVSS:5.2(Medium)

efibootguard is a simple UEFI boot loader with support for safely switching between current and updated partition sets. Insufficient or missing validation and sanitization of input from untrustworthy ...

CWE-202023

CVE-2009-1197

MEDIUM
CVSS:5.3(Medium)

Apache jUDDI before 2.0 allows attackers to spoof entries in log files via vectors related to error logging of keys from uddiget.jsp.

CWE-202009