Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Distribution's token authentication allows attacker to inject an untrusted signing key in a JWT
Vulnerability Description
Distribution is a toolkit to pack, ship, store, and deliver container content. Systems running registry versions 3.0.0-beta.1 through 3.0.0-rc.2 with token authentication enabled may be vulnerable to an issue in which token authentication allows an attacker to inject an untrusted signing key in a JSON web token (JWT). The issue lies in how the JSON web key (JWK) verification is performed. When a JWT contains a JWK header without a certificate chain, the code only checks if the KeyID (`kid`) matches one of the trusted keys, but doesn't verify that the actual key material matches. A fix for the issue is available at commit 5ea9aa028db65ca5665f6af2c20ecf9dc34e5fcd and expected to be a part of version 3.0.0-rc.3. There is no way to work around this issue without patching if the system requires token authentication.
CVSS Information
N/A
Vulnerability Type
通过用户控制密钥绕过授权机制
Vulnerability Title
Distribution 安全漏洞
Vulnerability Description
Distribution是Distribution开源的用于打包、运输、存储和交付内容的工具集。 Distribution 3.0.0-beta.1版本至3.0.0-rc.2版本存在安全漏洞,该漏洞源于允许攻击者在JSON Web令牌中注入不受信任的签名密钥。
CVSS Information
N/A
Vulnerability Type
N/A