VYPR

Go modules package

github.com/docker/distribution

pkg:golang/github.com/docker/distribution

Vulnerabilities (2)

  • CVE-2023-2253Jun 6, 2023
    affected < 2.8.2-beta.1fixed 2.8.2-beta.1

    A flaw was found in the `/v2/_catalog` endpoint in distribution/distribution, which accepts a parameter to control the maximum number of records returned (query string: `n`). This vulnerability allows a malicious user to submit an unreasonably large value for `n,` causing the all

  • CVE-2017-11468HigJul 20, 2017
    affected < 2.7.0-rc.0fixed 2.7.0-rc.0

    Docker Registry before 2.6.2 in Docker Distribution does not properly restrict the amount of content accepted from a user, which allows remote attackers to cause a denial of service (memory consumption) via the manifest endpoint.