Search for packages
| purl | pkg:deb/debian/golang-github-containers-image@5.34.2-1?distro=trixie |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-52c5-4udv-jydb | github.com/containers/image allows unexpected authenticated registry accesses A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks. |
CVE-2024-3727
GHSA-6wvf-f2vw-3425 |
| VCID-at1e-t3kt-17bg | containers/image library Insufficiently Protects Credentials The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. An attacker could use this vulnerability to launch a MiTM attack and steal login credentials or bearer tokens. |
CVE-2019-10214
GHSA-85p9-j7c9-v4gr |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T09:37:10.706549+00:00 | Debian Importer | Fixing | VCID-at1e-t3kt-17bg | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-13T12:48:46.366762+00:00 | Debian Importer | Fixing | VCID-52c5-4udv-jydb | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-11T18:24:13.712889+00:00 | Debian Importer | Fixing | VCID-at1e-t3kt-17bg | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-03T07:25:41.779122+00:00 | Debian Importer | Fixing | VCID-52c5-4udv-jydb | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |
| 2026-04-03T07:25:41.726218+00:00 | Debian Importer | Fixing | VCID-at1e-t3kt-17bg | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |