Количество 10
Количество 10
CVE-2023-2253
A flaw was found in the `/v2/_catalog` endpoint in distribution/distribution, which accepts a parameter to control the maximum number of records returned (query string: `n`). This vulnerability allows a malicious user to submit an unreasonably large value for `n,` causing the allocation of a massive string array, possibly causing a denial of service through excessive use of memory.
CVE-2023-2253
A flaw was found in the `/v2/_catalog` endpoint in distribution/distribution, which accepts a parameter to control the maximum number of records returned (query string: `n`). This vulnerability allows a malicious user to submit an unreasonably large value for `n,` causing the allocation of a massive string array, possibly causing a denial of service through excessive use of memory.
CVE-2023-2253
A flaw was found in the `/v2/_catalog` endpoint in distribution/distribution, which accepts a parameter to control the maximum number of records returned (query string: `n`). This vulnerability allows a malicious user to submit an unreasonably large value for `n,` causing the allocation of a massive string array, possibly causing a denial of service through excessive use of memory.
CVE-2023-2253
CVE-2023-2253
A flaw was found in the `/v2/_catalog` endpoint in distribution/distri ...
SUSE-SU-2023:2298-1
Security update for distribution
SUSE-SU-2023:2154-1
Security update for distribution
SUSE-SU-2023:2153-1
Security update for docker-distribution
GHSA-hqxw-f8mx-cpmw
distribution catalog API endpoint can lead to OOM via malicious user input
BDU:2023-07972
Уязвимость компонента /v2/_catalog корпоративной платформы Red Hat OpenShift Container Platform, позволяющая нарушителю вызвать отказ в обслуживании
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-2253 A flaw was found in the `/v2/_catalog` endpoint in distribution/distribution, which accepts a parameter to control the maximum number of records returned (query string: `n`). This vulnerability allows a malicious user to submit an unreasonably large value for `n,` causing the allocation of a massive string array, possibly causing a denial of service through excessive use of memory. | CVSS3: 6.5 | 0% Низкий | больше 2 лет назад |
 | CVE-2023-2253 A flaw was found in the `/v2/_catalog` endpoint in distribution/distribution, which accepts a parameter to control the maximum number of records returned (query string: `n`). This vulnerability allows a malicious user to submit an unreasonably large value for `n,` causing the allocation of a massive string array, possibly causing a denial of service through excessive use of memory. | CVSS3: 6.5 | 0% Низкий | больше 2 лет назад |
 | CVE-2023-2253 A flaw was found in the `/v2/_catalog` endpoint in distribution/distribution, which accepts a parameter to control the maximum number of records returned (query string: `n`). This vulnerability allows a malicious user to submit an unreasonably large value for `n,` causing the allocation of a massive string array, possibly causing a denial of service through excessive use of memory. | CVSS3: 6.5 | 0% Низкий | больше 2 лет назад |
 | CVSS3: 6.5 | 0% Низкий | больше 2 лет назад | |
| CVE-2023-2253 A flaw was found in the `/v2/_catalog` endpoint in distribution/distri ... | CVSS3: 6.5 | 0% Низкий | больше 2 лет назад |
 | SUSE-SU-2023:2298-1 Security update for distribution | 0% Низкий | больше 2 лет назад | |
| SUSE-SU-2023:2154-1 Security update for distribution | 0% Низкий | больше 2 лет назад | |
| SUSE-SU-2023:2153-1 Security update for docker-distribution | 0% Низкий | больше 2 лет назад | |
| GHSA-hqxw-f8mx-cpmw distribution catalog API endpoint can lead to OOM via malicious user input | CVSS3: 7.5 | 0% Низкий | больше 2 лет назад |
 | BDU:2023-07972 Уязвимость компонента /v2/_catalog корпоративной платформы Red Hat OpenShift Container Platform, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 6.5 | 0% Низкий | больше 2 лет назад |
Уязвимостей на страницу