Go modules package
github.com/docker/distribution
pkg:golang/github.com/docker/distribution
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-2253 | — | < 2.8.2-beta.1 | 2.8.2-beta.1 | Jun 6, 2023 | A flaw was found in the `/v2/_catalog` endpoint in distribution/distribution, which accepts a parameter to control the maximum number of records returned (query string: `n`). This vulnerability allows a malicious user to submit an unreasonably large value for `n,` causing the all | ||
| CVE-2017-11468 | Hig | 7.5 | < 2.7.0-rc.0 | 2.7.0-rc.0 | Jul 20, 2017 | Docker Registry before 2.6.2 in Docker Distribution does not properly restrict the amount of content accepted from a user, which allows remote attackers to cause a denial of service (memory consumption) via the manifest endpoint. |
- CVE-2023-2253Jun 6, 2023affected < 2.8.2-beta.1fixed 2.8.2-beta.1
A flaw was found in the `/v2/_catalog` endpoint in distribution/distribution, which accepts a parameter to control the maximum number of records returned (query string: `n`). This vulnerability allows a malicious user to submit an unreasonably large value for `n,` causing the all
- affected < 2.7.0-rc.0fixed 2.7.0-rc.0
Docker Registry before 2.6.2 in Docker Distribution does not properly restrict the amount of content accepted from a user, which allows remote attackers to cause a denial of service (memory consumption) via the manifest endpoint.