Github.Com Docker Distribution vulnerabilities
2 known vulnerabilities affecting github.com/docker_distribution.
Total CVEs: 2
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: HIGH 2
Vulnerabilities
CVE-2023-2253 | HIGH | ≥ 0, < 2.8.2-beta.1 | 2023-05-11
CVE-2023-2253 [HIGH] CWE-475 distribution catalog API endpoint can lead to OOM via malicious user input
### Impact
Systems running `distribution` built after a specific commit in memory-restricted environments can suffer denial of service from a crafted malicious request to the `/v2/_catalog` API endpoint.
### Patches
Upgrade to at least 2.8.2-beta.1 if you are running a `v2.8.x` release. If you use the code from t
ghsa, osv
CVE-2017-11468 | HIGH | ≥ 0, < 2.7.0-rc.0 | 2022-05-13
CVE-2017-11468 [HIGH] CWE-770 Docker Registry has Allocation of Resources Without Limits or Throttling
Docker Registry before 2.6.2 in Docker Distribution does not properly restrict the amount of content accepted from a user, which allows remote attackers to cause a denial of service (memory consumption) via the manifest endpoint.
### Specific Go Packages Affected
github.com/docker/distribution/registry/storage
github.com/
ghsa, osv