Skip to content

CVE-2023-2253 @ Go-github.com/docker/distribution-v0.0.0-20180920194744-16128bbac47f #108

New issue
New issue
Open
Open
CVE-2023-2253 @ Go-github.com/docker/distribution-v0.0.0-20180920194744-16128bbac47f#108
Labels
CheckmarxSCAbranch:mainproject:Yoavast/CX-AST
@Yoavast

Description

@Yoavast
Yoavast
opened on Aug 28, 2023

Checkmarx (SCA): Vulnerable Package
Vulnerability: Read More about CVE-2023-2253
Applications: yael's application
Checkmarx Project: Yoavast/CX-AST
Repository URL: https://github.com/Yoavast/CX-AST
Branch: main
Severity: HIGH
State: TO_VERIFY
Status: RECURRENT
Scan ID: b70b7227-90db-4075-88cb-4c196077be97

In github.com/docker/distribution versions v2.1.0-rc.0 through v2.8.1, "catalog" API endpoint can lead to OOM (Out of Memory Error) via malicious user input.

Additional Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: NONE
Availability impact: HIGH
Remediation Upgrade Recommendation: v2.8.2

Metadata

Metadata

Assignees

No one assigned

    Labels

    CheckmarxSCAbranch:mainproject:Yoavast/CX-AST

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions