VIR Vulnerability Intelligence Relay

Package impact

golang Go / github.com/distribution/distribution/v3

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-35172 high 7.5 7.5 2mo ago Distribution: stale blob access resurrection via repo-scoped redis descriptor cache invalidation
CVE-2026-41888 medium 6.5 6.5 14d ago Distribution's tag deletion bypasses `storage.delete.enabled` configuration