VYPR

Docker Registry

by Docker

Source repositories

CVEs (2)

  • CVE-2017-11468HigJul 20, 2017
    risk 0.42cvss 7.5epss 0.03

    Docker Registry before 2.6.2 in Docker Distribution does not properly restrict the amount of content accepted from a user, which allows remote attackers to cause a denial of service (memory consumption) via the manifest endpoint.

  • CVE-2020-29591Dec 11, 2020
    risk 0.00cvss epss 0.03

    Versions of the Official registry Docker images through 2.7.0 contain a blank password for the root user. Systems deployed using affected versions of the registry container may allow a remote attacker to achieve root access with a blank password.