Skip to content

to be continuous

DOCKER_KANIKO_IMAGE

to-be-continuous/doc

kaniko/docker-credential-acr-env¶

Trivy Image Scan

Image: kaniko/docker-credential-acr-env
Scan date: 2026-04-24

kaniko/docker-credential-acr-env (gobinary)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2026-25679	HIGH	v1.26.0	1.25.8, 1.26.1	https://access.redhat.com/errata/RHSA-2026:9044 https://access.redhat.com/security/cve/CVE-2026-25679 https://bugzilla.redhat.com/2445356 https://bugzilla.redhat.com/show_bug.cgi?id=2445356 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25679 https://errata.almalinux.org/9/ALSA-2026-9044.html https://errata.rockylinux.org/RLSA-2026:7259 https://go.dev/cl/752180 https://go.dev/issue/77578 https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk https://linux.oracle.com/cve/CVE-2026-25679.html https://linux.oracle.com/errata/ELSA-2026-9044.html https://nvd.nist.gov/vuln/detail/CVE-2026-25679 https://pkg.go.dev/vuln/GO-2026-4601 https://www.cve.org/CVERecord?id=CVE-2026-25679
stdlib	CVE-2026-27137	HIGH	v1.26.0	1.26.1	https://access.redhat.com/errata/RHSA-2026:8842 https://access.redhat.com/security/cve/CVE-2026-27137 https://bugzilla.redhat.com/2445345 https://bugzilla.redhat.com/2445356 https://errata.almalinux.org/10/ALSA-2026-8842.html https://go.dev/cl/752182 https://go.dev/issue/77952 https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk https://linux.oracle.com/cve/CVE-2026-27137.html https://linux.oracle.com/errata/ELSA-2026-8842.html https://nvd.nist.gov/vuln/detail/CVE-2026-27137 https://pkg.go.dev/vuln/GO-2026-4599 https://www.cve.org/CVERecord?id=CVE-2026-27137
stdlib	CVE-2026-32280	HIGH	v1.26.0	1.25.9, 1.26.2	https://access.redhat.com/security/cve/CVE-2026-32280 https://go.dev/cl/758320 https://go.dev/issue/78282 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32280 https://pkg.go.dev/vuln/GO-2026-4947 https://www.cve.org/CVERecord?id=CVE-2026-32280
stdlib	CVE-2026-32281	HIGH	v1.26.0	1.25.9, 1.26.2	https://access.redhat.com/security/cve/CVE-2026-32281 https://go.dev/cl/758061 https://go.dev/issue/78281 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32281 https://pkg.go.dev/vuln/GO-2026-4946 https://www.cve.org/CVERecord?id=CVE-2026-32281
stdlib	CVE-2026-32283	HIGH	v1.26.0	1.25.9, 1.26.2	https://go.dev/cl/763767 https://go.dev/issue/78334 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32283 https://pkg.go.dev/vuln/GO-2026-4870
stdlib	CVE-2026-33810	HIGH	v1.26.0	1.26.2	http://www.openwall.com/lists/oss-security/2026/04/19/4 http://www.openwall.com/lists/oss-security/2026/04/20/1 https://access.redhat.com/security/cve/CVE-2026-33810 https://go.dev/cl/763763 https://go.dev/issue/78332 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-33810 https://pkg.go.dev/vuln/GO-2026-4866 https://www.cve.org/CVERecord?id=CVE-2026-33810
stdlib	CVE-2026-27142	MEDIUM	v1.26.0	1.25.8, 1.26.1	https://access.redhat.com/security/cve/CVE-2026-27142 https://go.dev/cl/752081 https://go.dev/issue/77954 https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk https://nvd.nist.gov/vuln/detail/CVE-2026-27142 https://pkg.go.dev/vuln/GO-2026-4603 https://www.cve.org/CVERecord?id=CVE-2026-27142
stdlib	CVE-2026-32282	MEDIUM	v1.26.0	1.25.9, 1.26.2	https://access.redhat.com/security/cve/CVE-2026-32282 https://go.dev/cl/763761 https://go.dev/issue/78293 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32282 https://pkg.go.dev/vuln/GO-2026-4864 https://www.cve.org/CVERecord?id=CVE-2026-32282
stdlib	CVE-2026-32288	MEDIUM	v1.26.0	1.25.9, 1.26.2	https://access.redhat.com/security/cve/CVE-2026-32288 https://go.dev/cl/763766 https://go.dev/issue/78301 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32288 https://pkg.go.dev/vuln/GO-2026-4869 https://www.cve.org/CVERecord?id=CVE-2026-32288
stdlib	CVE-2026-32289	MEDIUM	v1.26.0	1.25.9, 1.26.2	https://access.redhat.com/security/cve/CVE-2026-32289 https://go.dev/cl/763762 https://go.dev/issue/78331 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32289 https://pkg.go.dev/vuln/GO-2026-4865 https://www.cve.org/CVERecord?id=CVE-2026-32289
stdlib	CVE-2026-27138	LOW	v1.26.0	1.26.1	https://access.redhat.com/security/cve/CVE-2026-27138 https://go.dev/cl/752183 https://go.dev/issue/77953 https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk https://nvd.nist.gov/vuln/detail/CVE-2026-27138 https://pkg.go.dev/vuln/GO-2026-4600 https://www.cve.org/CVERecord?id=CVE-2026-27138
stdlib	CVE-2026-27139	LOW	v1.26.0	1.25.8, 1.26.1	https://access.redhat.com/security/cve/CVE-2026-27139 https://go.dev/cl/749480 https://go.dev/issue/77827 https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk https://nvd.nist.gov/vuln/detail/CVE-2026-27139 https://pkg.go.dev/vuln/GO-2026-4602 https://www.cve.org/CVERecord?id=CVE-2026-27139
No Misconfigurations found

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2026-25679	HIGH	v1.26.0	1.25.8, 1.26.1	https://access.redhat.com/errata/RHSA-2026:9044 https://access.redhat.com/security/cve/CVE-2026-25679 https://bugzilla.redhat.com/2445356 https://bugzilla.redhat.com/show_bug.cgi?id=2445356 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25679 https://errata.almalinux.org/9/ALSA-2026-9044.html https://errata.rockylinux.org/RLSA-2026:7259 https://go.dev/cl/752180 https://go.dev/issue/77578 https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk https://linux.oracle.com/cve/CVE-2026-25679.html https://linux.oracle.com/errata/ELSA-2026-9044.html https://nvd.nist.gov/vuln/detail/CVE-2026-25679 https://pkg.go.dev/vuln/GO-2026-4601 https://www.cve.org/CVERecord?id=CVE-2026-25679
stdlib	CVE-2026-27137	HIGH	v1.26.0	1.26.1	https://access.redhat.com/errata/RHSA-2026:8842 https://access.redhat.com/security/cve/CVE-2026-27137 https://bugzilla.redhat.com/2445345 https://bugzilla.redhat.com/2445356 https://errata.almalinux.org/10/ALSA-2026-8842.html https://go.dev/cl/752182 https://go.dev/issue/77952 https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk https://linux.oracle.com/cve/CVE-2026-27137.html https://linux.oracle.com/errata/ELSA-2026-8842.html https://nvd.nist.gov/vuln/detail/CVE-2026-27137 https://pkg.go.dev/vuln/GO-2026-4599 https://www.cve.org/CVERecord?id=CVE-2026-27137
stdlib	CVE-2026-32280	HIGH	v1.26.0	1.25.9, 1.26.2	https://access.redhat.com/security/cve/CVE-2026-32280 https://go.dev/cl/758320 https://go.dev/issue/78282 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32280 https://pkg.go.dev/vuln/GO-2026-4947 https://www.cve.org/CVERecord?id=CVE-2026-32280
stdlib	CVE-2026-32281	HIGH	v1.26.0	1.25.9, 1.26.2	https://access.redhat.com/security/cve/CVE-2026-32281 https://go.dev/cl/758061 https://go.dev/issue/78281 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32281 https://pkg.go.dev/vuln/GO-2026-4946 https://www.cve.org/CVERecord?id=CVE-2026-32281
stdlib	CVE-2026-32283	HIGH	v1.26.0	1.25.9, 1.26.2	https://go.dev/cl/763767 https://go.dev/issue/78334 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32283 https://pkg.go.dev/vuln/GO-2026-4870
stdlib	CVE-2026-33810	HIGH	v1.26.0	1.26.2	http://www.openwall.com/lists/oss-security/2026/04/19/4 http://www.openwall.com/lists/oss-security/2026/04/20/1 https://access.redhat.com/security/cve/CVE-2026-33810 https://go.dev/cl/763763 https://go.dev/issue/78332 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-33810 https://pkg.go.dev/vuln/GO-2026-4866 https://www.cve.org/CVERecord?id=CVE-2026-33810
stdlib	CVE-2026-27142	MEDIUM	v1.26.0	1.25.8, 1.26.1	https://access.redhat.com/security/cve/CVE-2026-27142 https://go.dev/cl/752081 https://go.dev/issue/77954 https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk https://nvd.nist.gov/vuln/detail/CVE-2026-27142 https://pkg.go.dev/vuln/GO-2026-4603 https://www.cve.org/CVERecord?id=CVE-2026-27142
stdlib	CVE-2026-32282	MEDIUM	v1.26.0	1.25.9, 1.26.2	https://access.redhat.com/security/cve/CVE-2026-32282 https://go.dev/cl/763761 https://go.dev/issue/78293 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32282 https://pkg.go.dev/vuln/GO-2026-4864 https://www.cve.org/CVERecord?id=CVE-2026-32282
stdlib	CVE-2026-32288	MEDIUM	v1.26.0	1.25.9, 1.26.2	https://access.redhat.com/security/cve/CVE-2026-32288 https://go.dev/cl/763766 https://go.dev/issue/78301 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32288 https://pkg.go.dev/vuln/GO-2026-4869 https://www.cve.org/CVERecord?id=CVE-2026-32288
stdlib	CVE-2026-32289	MEDIUM	v1.26.0	1.25.9, 1.26.2	https://access.redhat.com/security/cve/CVE-2026-32289 https://go.dev/cl/763762 https://go.dev/issue/78331 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32289 https://pkg.go.dev/vuln/GO-2026-4865 https://www.cve.org/CVERecord?id=CVE-2026-32289
stdlib	CVE-2026-27138	LOW	v1.26.0	1.26.1	https://access.redhat.com/security/cve/CVE-2026-27138 https://go.dev/cl/752183 https://go.dev/issue/77953 https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk https://nvd.nist.gov/vuln/detail/CVE-2026-27138 https://pkg.go.dev/vuln/GO-2026-4600 https://www.cve.org/CVERecord?id=CVE-2026-27138
stdlib	CVE-2026-27139	LOW	v1.26.0	1.25.8, 1.26.1	https://access.redhat.com/security/cve/CVE-2026-27139 https://go.dev/cl/749480 https://go.dev/issue/77827 https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk https://nvd.nist.gov/vuln/detail/CVE-2026-27139 https://pkg.go.dev/vuln/GO-2026-4602 https://www.cve.org/CVERecord?id=CVE-2026-27139
No Misconfigurations found

kaniko/docker-credential-gcr (gobinary)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2026-25679	HIGH	v1.26.0	1.25.8, 1.26.1	https://access.redhat.com/errata/RHSA-2026:9044 https://access.redhat.com/security/cve/CVE-2026-25679 https://bugzilla.redhat.com/2445356 https://bugzilla.redhat.com/show_bug.cgi?id=2445356 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25679 https://errata.almalinux.org/9/ALSA-2026-9044.html https://errata.rockylinux.org/RLSA-2026:7259 https://go.dev/cl/752180 https://go.dev/issue/77578 https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk https://linux.oracle.com/cve/CVE-2026-25679.html https://linux.oracle.com/errata/ELSA-2026-9044.html https://nvd.nist.gov/vuln/detail/CVE-2026-25679 https://pkg.go.dev/vuln/GO-2026-4601 https://www.cve.org/CVERecord?id=CVE-2026-25679
stdlib	CVE-2026-27137	HIGH	v1.26.0	1.26.1	https://access.redhat.com/errata/RHSA-2026:8842 https://access.redhat.com/security/cve/CVE-2026-27137 https://bugzilla.redhat.com/2445345 https://bugzilla.redhat.com/2445356 https://errata.almalinux.org/10/ALSA-2026-8842.html https://go.dev/cl/752182 https://go.dev/issue/77952 https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk https://linux.oracle.com/cve/CVE-2026-27137.html https://linux.oracle.com/errata/ELSA-2026-8842.html https://nvd.nist.gov/vuln/detail/CVE-2026-27137 https://pkg.go.dev/vuln/GO-2026-4599 https://www.cve.org/CVERecord?id=CVE-2026-27137
stdlib	CVE-2026-32280	HIGH	v1.26.0	1.25.9, 1.26.2	https://access.redhat.com/security/cve/CVE-2026-32280 https://go.dev/cl/758320 https://go.dev/issue/78282 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32280 https://pkg.go.dev/vuln/GO-2026-4947 https://www.cve.org/CVERecord?id=CVE-2026-32280
stdlib	CVE-2026-32281	HIGH	v1.26.0	1.25.9, 1.26.2	https://access.redhat.com/security/cve/CVE-2026-32281 https://go.dev/cl/758061 https://go.dev/issue/78281 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32281 https://pkg.go.dev/vuln/GO-2026-4946 https://www.cve.org/CVERecord?id=CVE-2026-32281
stdlib	CVE-2026-32283	HIGH	v1.26.0	1.25.9, 1.26.2	https://go.dev/cl/763767 https://go.dev/issue/78334 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32283 https://pkg.go.dev/vuln/GO-2026-4870
stdlib	CVE-2026-33810	HIGH	v1.26.0	1.26.2	http://www.openwall.com/lists/oss-security/2026/04/19/4 http://www.openwall.com/lists/oss-security/2026/04/20/1 https://access.redhat.com/security/cve/CVE-2026-33810 https://go.dev/cl/763763 https://go.dev/issue/78332 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-33810 https://pkg.go.dev/vuln/GO-2026-4866 https://www.cve.org/CVERecord?id=CVE-2026-33810
stdlib	CVE-2026-27142	MEDIUM	v1.26.0	1.25.8, 1.26.1	https://access.redhat.com/security/cve/CVE-2026-27142 https://go.dev/cl/752081 https://go.dev/issue/77954 https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk https://nvd.nist.gov/vuln/detail/CVE-2026-27142 https://pkg.go.dev/vuln/GO-2026-4603 https://www.cve.org/CVERecord?id=CVE-2026-27142
stdlib	CVE-2026-32282	MEDIUM	v1.26.0	1.25.9, 1.26.2	https://access.redhat.com/security/cve/CVE-2026-32282 https://go.dev/cl/763761 https://go.dev/issue/78293 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32282 https://pkg.go.dev/vuln/GO-2026-4864 https://www.cve.org/CVERecord?id=CVE-2026-32282
stdlib	CVE-2026-32288	MEDIUM	v1.26.0	1.25.9, 1.26.2	https://access.redhat.com/security/cve/CVE-2026-32288 https://go.dev/cl/763766 https://go.dev/issue/78301 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32288 https://pkg.go.dev/vuln/GO-2026-4869 https://www.cve.org/CVERecord?id=CVE-2026-32288
stdlib	CVE-2026-32289	MEDIUM	v1.26.0	1.25.9, 1.26.2	https://access.redhat.com/security/cve/CVE-2026-32289 https://go.dev/cl/763762 https://go.dev/issue/78331 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32289 https://pkg.go.dev/vuln/GO-2026-4865 https://www.cve.org/CVERecord?id=CVE-2026-32289
stdlib	CVE-2026-27138	LOW	v1.26.0	1.26.1	https://access.redhat.com/security/cve/CVE-2026-27138 https://go.dev/cl/752183 https://go.dev/issue/77953 https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk https://nvd.nist.gov/vuln/detail/CVE-2026-27138 https://pkg.go.dev/vuln/GO-2026-4600 https://www.cve.org/CVERecord?id=CVE-2026-27138
stdlib	CVE-2026-27139	LOW	v1.26.0	1.25.8, 1.26.1	https://access.redhat.com/security/cve/CVE-2026-27139 https://go.dev/cl/749480 https://go.dev/issue/77827 https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk https://nvd.nist.gov/vuln/detail/CVE-2026-27139 https://pkg.go.dev/vuln/GO-2026-4602 https://www.cve.org/CVERecord?id=CVE-2026-27139
No Misconfigurations found

kaniko/executor (gobinary)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream	GHSA-xmrv-pmrh-hhx2	MEDIUM	v1.7.5	1.7.8	https://github.com/aws/aws-sdk-go-v2 https://github.com/aws/aws-sdk-go-v2/releases/tag/release-2026-03-23 https://github.com/aws/aws-sdk-go-v2/security/advisories/GHSA-xmrv-pmrh-hhx2
github.com/aws/aws-sdk-go-v2/service/s3	GHSA-xmrv-pmrh-hhx2	MEDIUM	v1.96.2	1.97.3	https://github.com/aws/aws-sdk-go-v2 https://github.com/aws/aws-sdk-go-v2/releases/tag/release-2026-03-23 https://github.com/aws/aws-sdk-go-v2/security/advisories/GHSA-xmrv-pmrh-hhx2
github.com/docker/docker	CVE-2026-34040	HIGH	v28.5.2+incompatible	29.3.1	https://access.redhat.com/security/cve/CVE-2026-34040 https://docs.docker.com/engine/extend/plugins_authorization https://github.com/moby/moby https://github.com/moby/moby/commit/e89edb19ad7de0407a5d31e3111cb01aa10b5a38 https://github.com/moby/moby/releases/tag/docker-v29.3.1 https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq https://github.com/moby/moby/security/advisories/GHSA-x744-4wpc-v9h2 https://nvd.nist.gov/vuln/detail/CVE-2026-34040 https://www.cve.org/CVERecord?id=CVE-2026-34040
github.com/docker/docker	CVE-2026-33997	MEDIUM	v28.5.2+incompatible	29.3.1	https://access.redhat.com/security/cve/CVE-2026-33997 https://docs.docker.com/engine/extend/legacy_plugins https://github.com/moby/moby https://github.com/moby/moby/commit/f4d6f25bf0c3fa12d4968320a45685947756a22a https://github.com/moby/moby/releases/tag/docker-v29.3.1 https://github.com/moby/moby/security/advisories/GHSA-pxq6-2prw-chj9 https://nvd.nist.gov/vuln/detail/CVE-2026-33997 https://www.cve.org/CVERecord?id=CVE-2026-33997
github.com/go-git/go-git/v5	CVE-2026-34165	MEDIUM	v5.17.0	5.17.1	https://access.redhat.com/security/cve/CVE-2026-34165 https://github.com/go-git/go-git https://github.com/go-git/go-git/releases/tag/v5.17.1 https://github.com/go-git/go-git/security/advisories/GHSA-jhf3-xxhw-2wpp https://nvd.nist.gov/vuln/detail/CVE-2026-34165 https://www.cve.org/CVERecord?id=CVE-2026-34165
github.com/go-git/go-git/v5	GHSA-3xc5-wrhm-f963	MEDIUM	v5.17.0	5.18.0	https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-3xc5-wrhm-f963
github.com/go-git/go-git/v5	CVE-2026-33762	LOW	v5.17.0	5.17.1	https://access.redhat.com/security/cve/CVE-2026-33762 https://github.com/go-git/go-git https://github.com/go-git/go-git/releases/tag/v5.17.1 https://github.com/go-git/go-git/security/advisories/GHSA-gm2x-2g9h-ccm8 https://nvd.nist.gov/vuln/detail/CVE-2026-33762 https://www.cve.org/CVERecord?id=CVE-2026-33762
github.com/go-jose/go-jose/v4	CVE-2026-34986	HIGH	v4.1.3	4.1.4	https://access.redhat.com/security/cve/CVE-2026-34986 https://github.com/go-jose/go-jose https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8 https://nvd.nist.gov/vuln/detail/CVE-2026-34986 https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants https://www.cve.org/CVERecord?id=CVE-2026-34986
github.com/moby/buildkit	CVE-2026-33747	HIGH	v0.26.3	0.28.1	https://access.redhat.com/security/cve/CVE-2026-33747 https://github.com/moby/buildkit https://github.com/moby/buildkit/releases/tag/v0.28.1 https://github.com/moby/buildkit/security/advisories/GHSA-4c29-8rgm-jvjj https://nvd.nist.gov/vuln/detail/CVE-2026-33747 https://www.cve.org/CVERecord?id=CVE-2026-33747
github.com/moby/buildkit	CVE-2026-33748	HIGH	v0.26.3	0.28.1	https://access.redhat.com/security/cve/CVE-2026-33748 https://docs.docker.com/build/concepts/context/#url-fragments https://github.com/moby/buildkit https://github.com/moby/buildkit/releases/tag/v0.28.1 https://github.com/moby/buildkit/security/advisories/GHSA-4vrq-3vrq-g6gg https://nvd.nist.gov/vuln/detail/CVE-2026-33748 https://www.cve.org/CVERecord?id=CVE-2026-33748
go.opentelemetry.io/otel/sdk	CVE-2026-39883	HIGH	v1.40.0	1.43.0	http://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.43.0 https://github.com/open-telemetry/opentelemetry-go https://github.com/open-telemetry/opentelemetry-go/security/advisories/GHSA-hfvc-g4fc-pqhx https://nvd.nist.gov/vuln/detail/CVE-2026-39883
google.golang.org/grpc	CVE-2026-33186	CRITICAL	v1.79.1	1.79.3	https://access.redhat.com/security/cve/CVE-2026-33186 https://github.com/grpc/grpc-go https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3 https://nvd.nist.gov/vuln/detail/CVE-2026-33186 https://www.cve.org/CVERecord?id=CVE-2026-33186
stdlib	CVE-2026-25679	HIGH	v1.26.0	1.25.8, 1.26.1	https://access.redhat.com/errata/RHSA-2026:9044 https://access.redhat.com/security/cve/CVE-2026-25679 https://bugzilla.redhat.com/2445356 https://bugzilla.redhat.com/show_bug.cgi?id=2445356 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25679 https://errata.almalinux.org/9/ALSA-2026-9044.html https://errata.rockylinux.org/RLSA-2026:7259 https://go.dev/cl/752180 https://go.dev/issue/77578 https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk https://linux.oracle.com/cve/CVE-2026-25679.html https://linux.oracle.com/errata/ELSA-2026-9044.html https://nvd.nist.gov/vuln/detail/CVE-2026-25679 https://pkg.go.dev/vuln/GO-2026-4601 https://www.cve.org/CVERecord?id=CVE-2026-25679
stdlib	CVE-2026-27137	HIGH	v1.26.0	1.26.1	https://access.redhat.com/errata/RHSA-2026:8842 https://access.redhat.com/security/cve/CVE-2026-27137 https://bugzilla.redhat.com/2445345 https://bugzilla.redhat.com/2445356 https://errata.almalinux.org/10/ALSA-2026-8842.html https://go.dev/cl/752182 https://go.dev/issue/77952 https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk https://linux.oracle.com/cve/CVE-2026-27137.html https://linux.oracle.com/errata/ELSA-2026-8842.html https://nvd.nist.gov/vuln/detail/CVE-2026-27137 https://pkg.go.dev/vuln/GO-2026-4599 https://www.cve.org/CVERecord?id=CVE-2026-27137
stdlib	CVE-2026-32280	HIGH	v1.26.0	1.25.9, 1.26.2	https://access.redhat.com/security/cve/CVE-2026-32280 https://go.dev/cl/758320 https://go.dev/issue/78282 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32280 https://pkg.go.dev/vuln/GO-2026-4947 https://www.cve.org/CVERecord?id=CVE-2026-32280
stdlib	CVE-2026-32281	HIGH	v1.26.0	1.25.9, 1.26.2	https://access.redhat.com/security/cve/CVE-2026-32281 https://go.dev/cl/758061 https://go.dev/issue/78281 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32281 https://pkg.go.dev/vuln/GO-2026-4946 https://www.cve.org/CVERecord?id=CVE-2026-32281
stdlib	CVE-2026-32283	HIGH	v1.26.0	1.25.9, 1.26.2	https://go.dev/cl/763767 https://go.dev/issue/78334 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32283 https://pkg.go.dev/vuln/GO-2026-4870
stdlib	CVE-2026-33810	HIGH	v1.26.0	1.26.2	http://www.openwall.com/lists/oss-security/2026/04/19/4 http://www.openwall.com/lists/oss-security/2026/04/20/1 https://access.redhat.com/security/cve/CVE-2026-33810 https://go.dev/cl/763763 https://go.dev/issue/78332 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-33810 https://pkg.go.dev/vuln/GO-2026-4866 https://www.cve.org/CVERecord?id=CVE-2026-33810
stdlib	CVE-2026-27142	MEDIUM	v1.26.0	1.25.8, 1.26.1	https://access.redhat.com/security/cve/CVE-2026-27142 https://go.dev/cl/752081 https://go.dev/issue/77954 https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk https://nvd.nist.gov/vuln/detail/CVE-2026-27142 https://pkg.go.dev/vuln/GO-2026-4603 https://www.cve.org/CVERecord?id=CVE-2026-27142
stdlib	CVE-2026-32282	MEDIUM	v1.26.0	1.25.9, 1.26.2	https://access.redhat.com/security/cve/CVE-2026-32282 https://go.dev/cl/763761 https://go.dev/issue/78293 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32282 https://pkg.go.dev/vuln/GO-2026-4864 https://www.cve.org/CVERecord?id=CVE-2026-32282
stdlib	CVE-2026-32288	MEDIUM	v1.26.0	1.25.9, 1.26.2	https://access.redhat.com/security/cve/CVE-2026-32288 https://go.dev/cl/763766 https://go.dev/issue/78301 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32288 https://pkg.go.dev/vuln/GO-2026-4869 https://www.cve.org/CVERecord?id=CVE-2026-32288
stdlib	CVE-2026-32289	MEDIUM	v1.26.0	1.25.9, 1.26.2	https://access.redhat.com/security/cve/CVE-2026-32289 https://go.dev/cl/763762 https://go.dev/issue/78331 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32289 https://pkg.go.dev/vuln/GO-2026-4865 https://www.cve.org/CVERecord?id=CVE-2026-32289
stdlib	CVE-2026-27138	LOW	v1.26.0	1.26.1	https://access.redhat.com/security/cve/CVE-2026-27138 https://go.dev/cl/752183 https://go.dev/issue/77953 https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk https://nvd.nist.gov/vuln/detail/CVE-2026-27138 https://pkg.go.dev/vuln/GO-2026-4600 https://www.cve.org/CVERecord?id=CVE-2026-27138
stdlib	CVE-2026-27139	LOW	v1.26.0	1.25.8, 1.26.1	https://access.redhat.com/security/cve/CVE-2026-27139 https://go.dev/cl/749480 https://go.dev/issue/77827 https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk https://nvd.nist.gov/vuln/detail/CVE-2026-27139 https://pkg.go.dev/vuln/GO-2026-4602 https://www.cve.org/CVERecord?id=CVE-2026-27139
No Misconfigurations found

kaniko/warmer (gobinary)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/docker/docker	CVE-2026-34040	HIGH	v28.5.2+incompatible	29.3.1	https://access.redhat.com/security/cve/CVE-2026-34040 https://docs.docker.com/engine/extend/plugins_authorization https://github.com/moby/moby https://github.com/moby/moby/commit/e89edb19ad7de0407a5d31e3111cb01aa10b5a38 https://github.com/moby/moby/releases/tag/docker-v29.3.1 https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq https://github.com/moby/moby/security/advisories/GHSA-x744-4wpc-v9h2 https://nvd.nist.gov/vuln/detail/CVE-2026-34040 https://www.cve.org/CVERecord?id=CVE-2026-34040
github.com/docker/docker	CVE-2026-33997	MEDIUM	v28.5.2+incompatible	29.3.1	https://access.redhat.com/security/cve/CVE-2026-33997 https://docs.docker.com/engine/extend/legacy_plugins https://github.com/moby/moby https://github.com/moby/moby/commit/f4d6f25bf0c3fa12d4968320a45685947756a22a https://github.com/moby/moby/releases/tag/docker-v29.3.1 https://github.com/moby/moby/security/advisories/GHSA-pxq6-2prw-chj9 https://nvd.nist.gov/vuln/detail/CVE-2026-33997 https://www.cve.org/CVERecord?id=CVE-2026-33997
github.com/moby/buildkit	CVE-2026-33747	HIGH	v0.26.3	0.28.1	https://access.redhat.com/security/cve/CVE-2026-33747 https://github.com/moby/buildkit https://github.com/moby/buildkit/releases/tag/v0.28.1 https://github.com/moby/buildkit/security/advisories/GHSA-4c29-8rgm-jvjj https://nvd.nist.gov/vuln/detail/CVE-2026-33747 https://www.cve.org/CVERecord?id=CVE-2026-33747
github.com/moby/buildkit	CVE-2026-33748	HIGH	v0.26.3	0.28.1	https://access.redhat.com/security/cve/CVE-2026-33748 https://docs.docker.com/build/concepts/context/#url-fragments https://github.com/moby/buildkit https://github.com/moby/buildkit/releases/tag/v0.28.1 https://github.com/moby/buildkit/security/advisories/GHSA-4vrq-3vrq-g6gg https://nvd.nist.gov/vuln/detail/CVE-2026-33748 https://www.cve.org/CVERecord?id=CVE-2026-33748
google.golang.org/grpc	CVE-2026-33186	CRITICAL	v1.79.1	1.79.3	https://access.redhat.com/security/cve/CVE-2026-33186 https://github.com/grpc/grpc-go https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3 https://nvd.nist.gov/vuln/detail/CVE-2026-33186 https://www.cve.org/CVERecord?id=CVE-2026-33186
stdlib	CVE-2026-25679	HIGH	v1.26.0	1.25.8, 1.26.1	https://access.redhat.com/errata/RHSA-2026:9044 https://access.redhat.com/security/cve/CVE-2026-25679 https://bugzilla.redhat.com/2445356 https://bugzilla.redhat.com/show_bug.cgi?id=2445356 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25679 https://errata.almalinux.org/9/ALSA-2026-9044.html https://errata.rockylinux.org/RLSA-2026:7259 https://go.dev/cl/752180 https://go.dev/issue/77578 https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk https://linux.oracle.com/cve/CVE-2026-25679.html https://linux.oracle.com/errata/ELSA-2026-9044.html https://nvd.nist.gov/vuln/detail/CVE-2026-25679 https://pkg.go.dev/vuln/GO-2026-4601 https://www.cve.org/CVERecord?id=CVE-2026-25679
stdlib	CVE-2026-27137	HIGH	v1.26.0	1.26.1	https://access.redhat.com/errata/RHSA-2026:8842 https://access.redhat.com/security/cve/CVE-2026-27137 https://bugzilla.redhat.com/2445345 https://bugzilla.redhat.com/2445356 https://errata.almalinux.org/10/ALSA-2026-8842.html https://go.dev/cl/752182 https://go.dev/issue/77952 https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk https://linux.oracle.com/cve/CVE-2026-27137.html https://linux.oracle.com/errata/ELSA-2026-8842.html https://nvd.nist.gov/vuln/detail/CVE-2026-27137 https://pkg.go.dev/vuln/GO-2026-4599 https://www.cve.org/CVERecord?id=CVE-2026-27137
stdlib	CVE-2026-32280	HIGH	v1.26.0	1.25.9, 1.26.2	https://access.redhat.com/security/cve/CVE-2026-32280 https://go.dev/cl/758320 https://go.dev/issue/78282 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32280 https://pkg.go.dev/vuln/GO-2026-4947 https://www.cve.org/CVERecord?id=CVE-2026-32280
stdlib	CVE-2026-32281	HIGH	v1.26.0	1.25.9, 1.26.2	https://access.redhat.com/security/cve/CVE-2026-32281 https://go.dev/cl/758061 https://go.dev/issue/78281 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32281 https://pkg.go.dev/vuln/GO-2026-4946 https://www.cve.org/CVERecord?id=CVE-2026-32281
stdlib	CVE-2026-32283	HIGH	v1.26.0	1.25.9, 1.26.2	https://go.dev/cl/763767 https://go.dev/issue/78334 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32283 https://pkg.go.dev/vuln/GO-2026-4870
stdlib	CVE-2026-33810	HIGH	v1.26.0	1.26.2	http://www.openwall.com/lists/oss-security/2026/04/19/4 http://www.openwall.com/lists/oss-security/2026/04/20/1 https://access.redhat.com/security/cve/CVE-2026-33810 https://go.dev/cl/763763 https://go.dev/issue/78332 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-33810 https://pkg.go.dev/vuln/GO-2026-4866 https://www.cve.org/CVERecord?id=CVE-2026-33810
stdlib	CVE-2026-27142	MEDIUM	v1.26.0	1.25.8, 1.26.1	https://access.redhat.com/security/cve/CVE-2026-27142 https://go.dev/cl/752081 https://go.dev/issue/77954 https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk https://nvd.nist.gov/vuln/detail/CVE-2026-27142 https://pkg.go.dev/vuln/GO-2026-4603 https://www.cve.org/CVERecord?id=CVE-2026-27142
stdlib	CVE-2026-32282	MEDIUM	v1.26.0	1.25.9, 1.26.2	https://access.redhat.com/security/cve/CVE-2026-32282 https://go.dev/cl/763761 https://go.dev/issue/78293 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32282 https://pkg.go.dev/vuln/GO-2026-4864 https://www.cve.org/CVERecord?id=CVE-2026-32282
stdlib	CVE-2026-32288	MEDIUM	v1.26.0	1.25.9, 1.26.2	https://access.redhat.com/security/cve/CVE-2026-32288 https://go.dev/cl/763766 https://go.dev/issue/78301 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32288 https://pkg.go.dev/vuln/GO-2026-4869 https://www.cve.org/CVERecord?id=CVE-2026-32288
stdlib	CVE-2026-32289	MEDIUM	v1.26.0	1.25.9, 1.26.2	https://access.redhat.com/security/cve/CVE-2026-32289 https://go.dev/cl/763762 https://go.dev/issue/78331 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32289 https://pkg.go.dev/vuln/GO-2026-4865 https://www.cve.org/CVERecord?id=CVE-2026-32289
stdlib	CVE-2026-27138	LOW	v1.26.0	1.26.1	https://access.redhat.com/security/cve/CVE-2026-27138 https://go.dev/cl/752183 https://go.dev/issue/77953 https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk https://nvd.nist.gov/vuln/detail/CVE-2026-27138 https://pkg.go.dev/vuln/GO-2026-4600 https://www.cve.org/CVERecord?id=CVE-2026-27138
stdlib	CVE-2026-27139	LOW	v1.26.0	1.25.8, 1.26.1	https://access.redhat.com/security/cve/CVE-2026-27139 https://go.dev/cl/749480 https://go.dev/issue/77827 https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk https://nvd.nist.gov/vuln/detail/CVE-2026-27139 https://pkg.go.dev/vuln/GO-2026-4602 https://www.cve.org/CVERecord?id=CVE-2026-27139
No Misconfigurations found