Stephen J Day

**Name of the Vulnerable Software and Affected Versions** Docker Registry versions prior to 2.6.2 **Description** The issue allows remote attackers to cause a denial of service due to memory consumption. This is achieved via the "manifest endpoint". Various storage methods do not impose limits on the amount of content accepted from user requests, enabling a malicious user to force the caller to allocate an arbitrary amount of memory. **Recommendations** For Docker Registry versions prior to 2.6.2, update to version 2.6.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the manifest endpoint to minimize the risk of exploitation.