VYPR

rpm package

suse/docker-distribution&distro=SUSE Linux Enterprise Module for Containers 12

pkg:rpm/suse/docker-distribution&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2012

Vulnerabilities (3)

  • CVE-2023-2253Jun 6, 2023
    affected < 2.6.2-13.9.1fixed 2.6.2-13.9.1

    A flaw was found in the `/v2/_catalog` endpoint in distribution/distribution, which accepts a parameter to control the maximum number of records returned (query string: `n`). This vulnerability allows a malicious user to submit an unreasonably large value for `n,` causing the all

  • CVE-2017-11468HigJul 20, 2017
    affected < 2.6.2-13.6.1fixed 2.6.2-13.6.1

    Docker Registry before 2.6.2 in Docker Distribution does not properly restrict the amount of content accepted from a user, which allows remote attackers to cause a denial of service (memory consumption) via the manifest endpoint.

  • CVE-2017-8932MedJul 6, 2017
    affected < 2.6.1-15.2fixed 2.6.1-15.2

    A bug in the standard library ScalarMult implementation of curve P-256 for amd64 architectures in Go before 1.7.6 and 1.8.x before 1.8.2 causes incorrect results to be generated for specific input points. An adaptive attack can be mounted to progressively extract the scalar input