github.com/docker/distribution

Go2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting github.com/docker/distributionpage 1 of 1

CVE-2017-11468HIGHCVSS 7.5EG 7.5✓ Fixed in 2.7.0-rc.0+incompatible
2017-07-20
Docker Registry before 2.6.2 in Docker Distribution does not properly restrict the amount of content accepted from a user, which allows remote attackers to cause a denial of service (memory consumption) via the manifest endpoint.
CVE-2023-2253MEDIUMCVSS 6.5EG 6.5✓ Fixed in 2.8.2-beta.1
2023-06-06
A flaw was found in the `/v2/_catalog` endpoint in distribution/distribution, which accepts a parameter to control the maximum number of records returned (query string: `n`). This vulnerability allows a malicious user to submit an unreason…

Check whether github.com/docker/distribution is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for github.com/docker/distribution CVEs against the assets you own.

Start Free Scan →