Skip to content

kaniko/docker-credential-acr-env

Trivy Image Scan

  • Image: kaniko/docker-credential-acr-env
  • Scan date: 2026-06-21

kaniko/docker-credential-acr-env (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2026-25679 HIGH v1.26.0 1.25.8, 1.26.1
stdlib CVE-2026-27137 HIGH v1.26.0 1.26.1
stdlib CVE-2026-32280 HIGH v1.26.0 1.25.9, 1.26.2
stdlib CVE-2026-32281 HIGH v1.26.0 1.25.9, 1.26.2
stdlib CVE-2026-32283 HIGH v1.26.0 1.25.9, 1.26.2
stdlib CVE-2026-33810 HIGH v1.26.0 1.26.2
stdlib CVE-2026-33811 HIGH v1.26.0 1.25.10, 1.26.3
stdlib CVE-2026-33814 HIGH v1.26.0 1.25.10, 1.26.3
stdlib CVE-2026-39820 HIGH v1.26.0 1.25.10, 1.26.3
stdlib CVE-2026-39823 HIGH v1.26.0 1.25.10, 1.26.3
stdlib CVE-2026-39825 HIGH v1.26.0 1.25.10, 1.26.3
stdlib CVE-2026-39836 HIGH v1.26.0 1.25.10, 1.26.3
stdlib CVE-2026-42499 HIGH v1.26.0 1.25.10, 1.26.3
stdlib CVE-2026-42504 HIGH v1.26.0 1.25.11, 1.26.4
stdlib CVE-2026-27142 MEDIUM v1.26.0 1.25.8, 1.26.1
stdlib CVE-2026-27145 MEDIUM v1.26.0 1.25.11, 1.26.4
stdlib CVE-2026-32282 MEDIUM v1.26.0 1.25.9, 1.26.2
stdlib CVE-2026-32288 MEDIUM v1.26.0 1.25.9, 1.26.2
stdlib CVE-2026-32289 MEDIUM v1.26.0 1.25.9, 1.26.2
stdlib CVE-2026-39826 MEDIUM v1.26.0 1.25.10, 1.26.3
stdlib CVE-2026-42507 MEDIUM v1.26.0 1.25.11, 1.26.4
stdlib CVE-2026-27138 LOW v1.26.0 1.26.1
stdlib CVE-2026-27139 LOW v1.26.0 1.25.8, 1.26.1
No Misconfigurations found

kaniko/docker-credential-ecr-login (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2026-25679 HIGH v1.26.0 1.25.8, 1.26.1
stdlib CVE-2026-27137 HIGH v1.26.0 1.26.1
stdlib CVE-2026-32280 HIGH v1.26.0 1.25.9, 1.26.2
stdlib CVE-2026-32281 HIGH v1.26.0 1.25.9, 1.26.2
stdlib CVE-2026-32283 HIGH v1.26.0 1.25.9, 1.26.2
stdlib CVE-2026-33810 HIGH v1.26.0 1.26.2
stdlib CVE-2026-33811 HIGH v1.26.0 1.25.10, 1.26.3
stdlib CVE-2026-33814 HIGH v1.26.0 1.25.10, 1.26.3
stdlib CVE-2026-39820 HIGH v1.26.0 1.25.10, 1.26.3
stdlib CVE-2026-39823 HIGH v1.26.0 1.25.10, 1.26.3
stdlib CVE-2026-39825 HIGH v1.26.0 1.25.10, 1.26.3
stdlib CVE-2026-39836 HIGH v1.26.0 1.25.10, 1.26.3
stdlib CVE-2026-42499 HIGH v1.26.0 1.25.10, 1.26.3
stdlib CVE-2026-42504 HIGH v1.26.0 1.25.11, 1.26.4
stdlib CVE-2026-27142 MEDIUM v1.26.0 1.25.8, 1.26.1
stdlib CVE-2026-27145 MEDIUM v1.26.0 1.25.11, 1.26.4
stdlib CVE-2026-32282 MEDIUM v1.26.0 1.25.9, 1.26.2
stdlib CVE-2026-32288 MEDIUM v1.26.0 1.25.9, 1.26.2
stdlib CVE-2026-32289 MEDIUM v1.26.0 1.25.9, 1.26.2
stdlib CVE-2026-39826 MEDIUM v1.26.0 1.25.10, 1.26.3
stdlib CVE-2026-42507 MEDIUM v1.26.0 1.25.11, 1.26.4
stdlib CVE-2026-27138 LOW v1.26.0 1.26.1
stdlib CVE-2026-27139 LOW v1.26.0 1.25.8, 1.26.1
No Misconfigurations found

kaniko/docker-credential-gcr (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2026-25679 HIGH v1.26.0 1.25.8, 1.26.1
stdlib CVE-2026-27137 HIGH v1.26.0 1.26.1
stdlib CVE-2026-32280 HIGH v1.26.0 1.25.9, 1.26.2
stdlib CVE-2026-32281 HIGH v1.26.0 1.25.9, 1.26.2
stdlib CVE-2026-32283 HIGH v1.26.0 1.25.9, 1.26.2
stdlib CVE-2026-33810 HIGH v1.26.0 1.26.2
stdlib CVE-2026-33811 HIGH v1.26.0 1.25.10, 1.26.3
stdlib CVE-2026-33814 HIGH v1.26.0 1.25.10, 1.26.3
stdlib CVE-2026-39820 HIGH v1.26.0 1.25.10, 1.26.3
stdlib CVE-2026-39823 HIGH v1.26.0 1.25.10, 1.26.3
stdlib CVE-2026-39825 HIGH v1.26.0 1.25.10, 1.26.3
stdlib CVE-2026-39836 HIGH v1.26.0 1.25.10, 1.26.3
stdlib CVE-2026-42499 HIGH v1.26.0 1.25.10, 1.26.3
stdlib CVE-2026-42504 HIGH v1.26.0 1.25.11, 1.26.4
stdlib CVE-2026-27142 MEDIUM v1.26.0 1.25.8, 1.26.1
stdlib CVE-2026-27145 MEDIUM v1.26.0 1.25.11, 1.26.4
stdlib CVE-2026-32282 MEDIUM v1.26.0 1.25.9, 1.26.2
stdlib CVE-2026-32288 MEDIUM v1.26.0 1.25.9, 1.26.2
stdlib CVE-2026-32289 MEDIUM v1.26.0 1.25.9, 1.26.2
stdlib CVE-2026-39826 MEDIUM v1.26.0 1.25.10, 1.26.3
stdlib CVE-2026-42507 MEDIUM v1.26.0 1.25.11, 1.26.4
stdlib CVE-2026-27138 LOW v1.26.0 1.26.1
stdlib CVE-2026-27139 LOW v1.26.0 1.25.8, 1.26.1
No Misconfigurations found

kaniko/executor (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream GHSA-xmrv-pmrh-hhx2 MEDIUM v1.7.5 1.7.8
github.com/aws/aws-sdk-go-v2/service/s3 GHSA-xmrv-pmrh-hhx2 MEDIUM v1.96.2 1.97.3
github.com/containerd/containerd CVE-2026-46680 HIGH v1.7.30 1.7.32
github.com/containerd/containerd CVE-2026-53488 HIGH v1.7.30 1.7.33
github.com/containerd/containerd CVE-2026-47262 MEDIUM v1.7.30 1.7.33
github.com/containerd/containerd/v2 CVE-2026-46680 HIGH v2.2.0 2.0.9, 2.2.4, 2.3.1
github.com/containerd/containerd/v2 CVE-2026-53488 HIGH v2.2.0 2.0.10, 2.1.9, 2.2.5, 2.3.2
github.com/containerd/containerd/v2 CVE-2026-53489 HIGH v2.2.0 2.1.9, 2.2.5, 2.3.2
github.com/containerd/containerd/v2 CVE-2026-53492 HIGH v2.2.0 2.1.9, 2.2.5, 2.3.2
github.com/containerd/containerd/v2 CVE-2026-47262 MEDIUM v2.2.0 2.0.10, 2.1.9, 2.2.5, 2.3.2
github.com/containerd/containerd/v2 CVE-2026-50195 MEDIUM v2.2.0 2.1.9, 2.2.5, 2.3.2
github.com/docker/docker CVE-2026-34040 HIGH v28.5.2+incompatible 29.3.1
github.com/docker/docker CVE-2026-41567 HIGH v28.5.2+incompatible no fix available
github.com/docker/docker CVE-2026-42306 HIGH v28.5.2+incompatible no fix available
github.com/docker/docker CVE-2026-33997 MEDIUM v28.5.2+incompatible 29.3.1
github.com/docker/docker CVE-2026-41568 MEDIUM v28.5.2+incompatible no fix available
github.com/go-git/go-billy/v5 CVE-2026-44973 HIGH v5.8.0 5.9.0
github.com/go-git/go-billy/v5 CVE-2026-44740 MEDIUM v5.8.0 5.9.0
github.com/go-git/go-git/v5 CVE-2026-45022 HIGH v5.17.0 5.19.0
github.com/go-git/go-git/v5 CVE-2026-34165 MEDIUM v5.17.0 5.17.1
github.com/go-git/go-git/v5 CVE-2026-41506 MEDIUM v5.17.0 5.18.0
github.com/go-git/go-git/v5 CVE-2026-45571 MEDIUM v5.17.0 5.19.1
github.com/go-git/go-git/v5 GHSA-w5pp-99ch-qj29 MEDIUM v5.17.0 5.19.1
github.com/go-git/go-git/v5 CVE-2026-33762 LOW v5.17.0 5.17.1
github.com/go-git/go-git/v5 CVE-2026-45570 LOW v5.17.0 5.19.1
github.com/go-jose/go-jose/v4 CVE-2026-34986 HIGH v4.1.3 4.1.4
github.com/moby/buildkit CVE-2026-33747 HIGH v0.26.3 0.28.1
github.com/moby/buildkit CVE-2026-33748 HIGH v0.26.3 0.28.1
go.opentelemetry.io/otel CVE-2026-29181 HIGH v1.40.0 1.41.0
go.opentelemetry.io/otel/sdk CVE-2026-39883 HIGH v1.40.0 1.43.0
google.golang.org/grpc CVE-2026-33186 CRITICAL v1.79.1 1.79.3
stdlib CVE-2026-25679 HIGH v1.26.0 1.25.8, 1.26.1
stdlib CVE-2026-27137 HIGH v1.26.0 1.26.1
stdlib CVE-2026-32280 HIGH v1.26.0 1.25.9, 1.26.2
stdlib CVE-2026-32281 HIGH v1.26.0 1.25.9, 1.26.2
stdlib CVE-2026-32283 HIGH v1.26.0 1.25.9, 1.26.2
stdlib CVE-2026-33810 HIGH v1.26.0 1.26.2
stdlib CVE-2026-33811 HIGH v1.26.0 1.25.10, 1.26.3
stdlib CVE-2026-33814 HIGH v1.26.0 1.25.10, 1.26.3
stdlib CVE-2026-39820 HIGH v1.26.0 1.25.10, 1.26.3
stdlib CVE-2026-39823 HIGH v1.26.0 1.25.10, 1.26.3
stdlib CVE-2026-39825 HIGH v1.26.0 1.25.10, 1.26.3
stdlib CVE-2026-39836 HIGH v1.26.0 1.25.10, 1.26.3
stdlib CVE-2026-42499 HIGH v1.26.0 1.25.10, 1.26.3
stdlib CVE-2026-42504 HIGH v1.26.0 1.25.11, 1.26.4
stdlib CVE-2026-27142 MEDIUM v1.26.0 1.25.8, 1.26.1
stdlib CVE-2026-27145 MEDIUM v1.26.0 1.25.11, 1.26.4
stdlib CVE-2026-32282 MEDIUM v1.26.0 1.25.9, 1.26.2
stdlib CVE-2026-32288 MEDIUM v1.26.0 1.25.9, 1.26.2
stdlib CVE-2026-32289 MEDIUM v1.26.0 1.25.9, 1.26.2
4 other vulnerabilities found...
No Misconfigurations found

kaniko/warmer (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
github.com/containerd/containerd CVE-2026-46680 HIGH v1.7.30 1.7.32
github.com/containerd/containerd CVE-2026-53488 HIGH v1.7.30 1.7.33
github.com/containerd/containerd CVE-2026-47262 MEDIUM v1.7.30 1.7.33
github.com/containerd/containerd/v2 CVE-2026-46680 HIGH v2.2.0 2.0.9, 2.2.4, 2.3.1
github.com/containerd/containerd/v2 CVE-2026-53488 HIGH v2.2.0 2.0.10, 2.1.9, 2.2.5, 2.3.2
github.com/containerd/containerd/v2 CVE-2026-53489 HIGH v2.2.0 2.1.9, 2.2.5, 2.3.2
github.com/containerd/containerd/v2 CVE-2026-53492 HIGH v2.2.0 2.1.9, 2.2.5, 2.3.2
github.com/containerd/containerd/v2 CVE-2026-47262 MEDIUM v2.2.0 2.0.10, 2.1.9, 2.2.5, 2.3.2
github.com/containerd/containerd/v2 CVE-2026-50195 MEDIUM v2.2.0 2.1.9, 2.2.5, 2.3.2
github.com/docker/docker CVE-2026-34040 HIGH v28.5.2+incompatible 29.3.1
github.com/docker/docker CVE-2026-41567 HIGH v28.5.2+incompatible no fix available
github.com/docker/docker CVE-2026-42306 HIGH v28.5.2+incompatible no fix available
github.com/docker/docker CVE-2026-33997 MEDIUM v28.5.2+incompatible 29.3.1
github.com/docker/docker CVE-2026-41568 MEDIUM v28.5.2+incompatible no fix available
github.com/moby/buildkit CVE-2026-33747 HIGH v0.26.3 0.28.1
github.com/moby/buildkit CVE-2026-33748 HIGH v0.26.3 0.28.1
google.golang.org/grpc CVE-2026-33186 CRITICAL v1.79.1 1.79.3
stdlib CVE-2026-25679 HIGH v1.26.0 1.25.8, 1.26.1
stdlib CVE-2026-27137 HIGH v1.26.0 1.26.1
stdlib CVE-2026-32280 HIGH v1.26.0 1.25.9, 1.26.2
stdlib CVE-2026-32281 HIGH v1.26.0 1.25.9, 1.26.2
stdlib CVE-2026-32283 HIGH v1.26.0 1.25.9, 1.26.2
stdlib CVE-2026-33810 HIGH v1.26.0 1.26.2
stdlib CVE-2026-33811 HIGH v1.26.0 1.25.10, 1.26.3
stdlib CVE-2026-33814 HIGH v1.26.0 1.25.10, 1.26.3
stdlib CVE-2026-39820 HIGH v1.26.0 1.25.10, 1.26.3
stdlib CVE-2026-39823 HIGH v1.26.0 1.25.10, 1.26.3
stdlib CVE-2026-39825 HIGH v1.26.0 1.25.10, 1.26.3
stdlib CVE-2026-39836 HIGH v1.26.0 1.25.10, 1.26.3
stdlib CVE-2026-42499 HIGH v1.26.0 1.25.10, 1.26.3
stdlib CVE-2026-42504 HIGH v1.26.0 1.25.11, 1.26.4
stdlib CVE-2026-27142 MEDIUM v1.26.0 1.25.8, 1.26.1
stdlib CVE-2026-27145 MEDIUM v1.26.0 1.25.11, 1.26.4
stdlib CVE-2026-32282 MEDIUM v1.26.0 1.25.9, 1.26.2
stdlib CVE-2026-32288 MEDIUM v1.26.0 1.25.9, 1.26.2
stdlib CVE-2026-32289 MEDIUM v1.26.0 1.25.9, 1.26.2
stdlib CVE-2026-39826 MEDIUM v1.26.0 1.25.10, 1.26.3
stdlib CVE-2026-42507 MEDIUM v1.26.0 1.25.11, 1.26.4
stdlib CVE-2026-27138 LOW v1.26.0 1.26.1
stdlib CVE-2026-27139 LOW v1.26.0 1.25.8, 1.26.1
No Misconfigurations found