Skip to content

gcr.io/google.com/cloudsdktool/cloud-sdk:latest (debian 13.5)

Trivy Image Scan

  • Image: gcr.io/google.com/cloudsdktool/cloud-sdk:latest (debian 13.5)
  • Scan date: 2026-06-21

gcr.io/google.com/cloudsdktool/cloud-sdk:latest (debian 13.5) (debian)

Package Vulnerability ID Severity Installed Version Fixed Version Links
apt CVE-2011-3374 LOW 3.0.3 no fix available
apt-transport-https CVE-2011-3374 LOW 3.0.3 no fix available
bash TEMP-0841856-B18BAF LOW 5.2.37-2+b9 no fix available
bash-completion CVE-2018-7738 LOW 1:2.16.0-7 no fix available
binutils CVE-2017-13716 LOW 2.44-3 no fix available
binutils CVE-2018-20673 LOW 2.44-3 no fix available
binutils CVE-2018-20712 LOW 2.44-3 no fix available
binutils CVE-2018-9996 LOW 2.44-3 no fix available
binutils CVE-2021-32256 LOW 2.44-3 no fix available
binutils CVE-2025-11081 LOW 2.44-3 no fix available
binutils CVE-2025-11082 LOW 2.44-3 no fix available
binutils CVE-2025-11083 LOW 2.44-3 no fix available
binutils CVE-2025-11412 LOW 2.44-3 no fix available
binutils CVE-2025-11413 LOW 2.44-3 no fix available
binutils CVE-2025-11414 LOW 2.44-3 no fix available
binutils CVE-2025-1147 LOW 2.44-3 no fix available
binutils CVE-2025-1148 LOW 2.44-3 no fix available
binutils CVE-2025-1149 LOW 2.44-3 no fix available
binutils CVE-2025-11494 LOW 2.44-3 no fix available
binutils CVE-2025-11495 LOW 2.44-3 no fix available
binutils CVE-2025-1150 LOW 2.44-3 no fix available
binutils CVE-2025-1151 LOW 2.44-3 no fix available
binutils CVE-2025-1152 LOW 2.44-3 no fix available
binutils CVE-2025-1153 LOW 2.44-3 no fix available
binutils CVE-2025-1176 LOW 2.44-3 no fix available
binutils CVE-2025-1178 LOW 2.44-3 no fix available
binutils CVE-2025-1180 LOW 2.44-3 no fix available
binutils CVE-2025-1181 LOW 2.44-3 no fix available
binutils CVE-2025-1182 LOW 2.44-3 no fix available
binutils CVE-2025-11839 LOW 2.44-3 no fix available
binutils CVE-2025-11840 LOW 2.44-3 no fix available
binutils CVE-2025-3198 LOW 2.44-3 no fix available
binutils CVE-2025-5244 LOW 2.44-3 no fix available
binutils CVE-2025-5245 LOW 2.44-3 no fix available
binutils CVE-2025-66861 LOW 2.44-3 no fix available
binutils CVE-2025-66862 LOW 2.44-3 no fix available
binutils CVE-2025-66863 LOW 2.44-3 no fix available
binutils CVE-2025-66864 LOW 2.44-3 no fix available
binutils CVE-2025-66865 LOW 2.44-3 no fix available
binutils CVE-2025-66866 LOW 2.44-3 no fix available
binutils CVE-2025-69644 LOW 2.44-3 no fix available
binutils CVE-2025-69645 LOW 2.44-3 no fix available
binutils CVE-2025-69646 LOW 2.44-3 no fix available
binutils CVE-2025-69647 LOW 2.44-3 no fix available
binutils CVE-2025-69648 LOW 2.44-3 no fix available
binutils CVE-2025-69649 LOW 2.44-3 no fix available
binutils CVE-2025-69650 LOW 2.44-3 no fix available
binutils CVE-2025-69651 LOW 2.44-3 no fix available
binutils CVE-2025-69652 LOW 2.44-3 no fix available
binutils CVE-2025-7545 LOW 2.44-3 no fix available
1348 other vulnerabilities found...
No Misconfigurations found

Java (jar)

Package Vulnerability ID Severity Installed Version Fixed Version Links
io.netty:netty-codec-http CVE-2026-50020 MEDIUM 4.1.133.Final 4.2.15.Final, 4.1.135.Final
io.netty:netty-codec-http2 CVE-2026-47244 MEDIUM 4.1.133.Final 4.2.15.Final, 4.1.135.Final
io.netty:netty-codec-http2 CVE-2026-48043 MEDIUM 4.1.133.Final 4.1.135.Final, 4.2.15.Final
io.netty:netty-codec-http2 CVE-2026-50560 MEDIUM 4.1.133.Final 4.2.15.Final, 4.1.135.Final
io.netty:netty-handler CVE-2026-44249 HIGH 4.1.133.Final 4.2.15.Final, 4.1.135.Final
io.netty:netty-handler CVE-2026-45416 HIGH 4.1.133.Final 4.2.15.Final, 4.1.135.Final
io.netty:netty-handler CVE-2026-50010 HIGH 4.1.133.Final 4.2.15.Final, 4.1.135.Final
No Misconfigurations found

Python (python-pkg)

Package Vulnerability ID Severity Installed Version Fixed Version Links
cryptography GHSA-537c-gmf6-5ccf HIGH 46.0.7 48.0.1
No Misconfigurations found

usr/lib/google-cloud-sdk/bin/cbt (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
go.opentelemetry.io/otel CVE-2026-29181 HIGH v1.40.0 1.41.0
go.opentelemetry.io/otel/sdk CVE-2026-39883 HIGH v1.40.0 1.43.0
stdlib CVE-2026-32280 HIGH v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32281 HIGH v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32283 HIGH v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-33810 HIGH v1.26.1 1.26.2
stdlib CVE-2026-33811 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-33814 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39820 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39823 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39825 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39836 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-42499 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-42504 HIGH v1.26.1 1.25.11, 1.26.4
stdlib CVE-2026-27145 MEDIUM v1.26.1 1.25.11, 1.26.4
stdlib CVE-2026-32282 MEDIUM v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32288 MEDIUM v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32289 MEDIUM v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-39826 MEDIUM v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-42507 MEDIUM v1.26.1 1.25.11, 1.26.4
No Misconfigurations found

usr/lib/google-cloud-sdk/bin/cloud_spanner_emulator/gateway_main (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2026-42504 HIGH v1.25.10 1.25.11, 1.26.4
stdlib CVE-2026-27145 MEDIUM v1.25.10 1.25.11, 1.26.4
stdlib CVE-2026-42507 MEDIUM v1.25.10 1.25.11, 1.26.4
No Misconfigurations found

usr/lib/google-cloud-sdk/bin/gcloud-crc32c (gobinary)

No Vulnerabilities found
No Misconfigurations found

usr/lib/google-cloud-sdk/bin/gke-gcloud-auth-plugin (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2026-42504 HIGH v1.26.3 1.25.11, 1.26.4
stdlib CVE-2026-27145 MEDIUM v1.26.3 1.25.11, 1.26.4
stdlib CVE-2026-42507 MEDIUM v1.26.3 1.25.11, 1.26.4
No Misconfigurations found

usr/lib/google-cloud-sdk/bin/kpt (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
github.com/moby/spdystream CVE-2026-35469 HIGH v0.5.0 0.5.1
go.opentelemetry.io/otel CVE-2026-29181 HIGH v1.38.0 1.41.0
stdlib CVE-2026-25679 HIGH v1.25.7 1.25.8, 1.26.1
stdlib CVE-2026-32280 HIGH v1.25.7 1.25.9, 1.26.2
stdlib CVE-2026-32281 HIGH v1.25.7 1.25.9, 1.26.2
stdlib CVE-2026-32283 HIGH v1.25.7 1.25.9, 1.26.2
stdlib CVE-2026-33811 HIGH v1.25.7 1.25.10, 1.26.3
stdlib CVE-2026-33814 HIGH v1.25.7 1.25.10, 1.26.3
stdlib CVE-2026-39820 HIGH v1.25.7 1.25.10, 1.26.3
stdlib CVE-2026-39823 HIGH v1.25.7 1.25.10, 1.26.3
stdlib CVE-2026-39825 HIGH v1.25.7 1.25.10, 1.26.3
stdlib CVE-2026-39836 HIGH v1.25.7 1.25.10, 1.26.3
stdlib CVE-2026-42499 HIGH v1.25.7 1.25.10, 1.26.3
stdlib CVE-2026-42504 HIGH v1.25.7 1.25.11, 1.26.4
stdlib CVE-2026-27142 MEDIUM v1.25.7 1.25.8, 1.26.1
stdlib CVE-2026-27145 MEDIUM v1.25.7 1.25.11, 1.26.4
stdlib CVE-2026-32282 MEDIUM v1.25.7 1.25.9, 1.26.2
stdlib CVE-2026-32288 MEDIUM v1.25.7 1.25.9, 1.26.2
stdlib CVE-2026-32289 MEDIUM v1.25.7 1.25.9, 1.26.2
stdlib CVE-2026-39826 MEDIUM v1.25.7 1.25.10, 1.26.3
stdlib CVE-2026-42507 MEDIUM v1.25.7 1.25.11, 1.26.4
stdlib CVE-2026-27139 LOW v1.25.7 1.25.8, 1.26.1
No Misconfigurations found

usr/lib/google-cloud-sdk/bin/local-extract (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2026-25679 HIGH v1.26-20251026-RC00 1.25.8, 1.26.1
stdlib CVE-2026-27137 HIGH v1.26-20251026-RC00 1.26.1
stdlib CVE-2026-32280 HIGH v1.26-20251026-RC00 1.25.9, 1.26.2
stdlib CVE-2026-32281 HIGH v1.26-20251026-RC00 1.25.9, 1.26.2
stdlib CVE-2026-32283 HIGH v1.26-20251026-RC00 1.25.9, 1.26.2
stdlib CVE-2026-33810 HIGH v1.26-20251026-RC00 1.26.2
stdlib CVE-2026-33811 HIGH v1.26-20251026-RC00 1.25.10, 1.26.3
stdlib CVE-2026-33814 HIGH v1.26-20251026-RC00 1.25.10, 1.26.3
stdlib CVE-2026-39820 HIGH v1.26-20251026-RC00 1.25.10, 1.26.3
stdlib CVE-2026-39823 HIGH v1.26-20251026-RC00 1.25.10, 1.26.3
stdlib CVE-2026-39825 HIGH v1.26-20251026-RC00 1.25.10, 1.26.3
stdlib CVE-2026-39836 HIGH v1.26-20251026-RC00 1.25.10, 1.26.3
stdlib CVE-2026-42499 HIGH v1.26-20251026-RC00 1.25.10, 1.26.3
stdlib CVE-2026-42504 HIGH v1.26-20251026-RC00 1.25.11, 1.26.4
stdlib CVE-2026-27142 MEDIUM v1.26-20251026-RC00 1.25.8, 1.26.1
stdlib CVE-2026-27145 MEDIUM v1.26-20251026-RC00 1.25.11, 1.26.4
stdlib CVE-2026-32282 MEDIUM v1.26-20251026-RC00 1.25.9, 1.26.2
stdlib CVE-2026-32288 MEDIUM v1.26-20251026-RC00 1.25.9, 1.26.2
stdlib CVE-2026-32289 MEDIUM v1.26-20251026-RC00 1.25.9, 1.26.2
stdlib CVE-2026-39826 MEDIUM v1.26-20251026-RC00 1.25.10, 1.26.3
stdlib CVE-2026-42507 MEDIUM v1.26-20251026-RC00 1.25.11, 1.26.4
stdlib CVE-2026-27138 LOW v1.26-20251026-RC00 1.26.1
stdlib CVE-2026-27139 LOW v1.26-20251026-RC00 1.25.8, 1.26.1
No Misconfigurations found

usr/lib/google-cloud-sdk/platform/bigtable-emulator/cbtemulator (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
google.golang.org/grpc CVE-2026-33186 CRITICAL v1.72.0 1.79.3
stdlib CVE-2025-68121 CRITICAL v1.24.3 1.24.13, 1.25.7, 1.26.0-rc.3
stdlib CVE-2025-22874 HIGH v1.24.3 1.24.4
stdlib CVE-2025-61726 HIGH v1.24.3 1.24.12, 1.25.6
stdlib CVE-2025-61729 HIGH v1.24.3 1.24.11, 1.25.5
stdlib CVE-2026-25679 HIGH v1.24.3 1.25.8, 1.26.1
stdlib CVE-2026-32280 HIGH v1.24.3 1.25.9, 1.26.2
stdlib CVE-2026-32281 HIGH v1.24.3 1.25.9, 1.26.2
stdlib CVE-2026-32283 HIGH v1.24.3 1.25.9, 1.26.2
stdlib CVE-2026-33811 HIGH v1.24.3 1.25.10, 1.26.3
stdlib CVE-2026-33814 HIGH v1.24.3 1.25.10, 1.26.3
stdlib CVE-2026-39820 HIGH v1.24.3 1.25.10, 1.26.3
stdlib CVE-2026-39823 HIGH v1.24.3 1.25.10, 1.26.3
stdlib CVE-2026-39825 HIGH v1.24.3 1.25.10, 1.26.3
stdlib CVE-2026-39836 HIGH v1.24.3 1.25.10, 1.26.3
stdlib CVE-2026-42499 HIGH v1.24.3 1.25.10, 1.26.3
stdlib CVE-2026-42504 HIGH v1.24.3 1.25.11, 1.26.4
stdlib CVE-2025-0913 MEDIUM v1.24.3 1.23.10, 1.24.4
stdlib CVE-2025-4673 MEDIUM v1.24.3 1.23.10, 1.24.4
stdlib CVE-2025-47906 MEDIUM v1.24.3 1.23.12, 1.24.6
stdlib CVE-2025-47907 MEDIUM v1.24.3 1.23.12, 1.24.6
stdlib CVE-2025-47912 MEDIUM v1.24.3 1.24.8, 1.25.2
stdlib CVE-2025-58183 MEDIUM v1.24.3 1.24.8, 1.25.2
stdlib CVE-2025-58185 MEDIUM v1.24.3 1.24.8, 1.25.2
stdlib CVE-2025-58187 MEDIUM v1.24.3 1.24.9, 1.25.3
stdlib CVE-2025-58188 MEDIUM v1.24.3 1.24.8, 1.25.2
stdlib CVE-2025-58189 MEDIUM v1.24.3 1.24.8, 1.25.2
stdlib CVE-2025-61723 MEDIUM v1.24.3 1.24.8, 1.25.2
stdlib CVE-2025-61724 MEDIUM v1.24.3 1.24.8, 1.25.2
stdlib CVE-2025-61725 MEDIUM v1.24.3 1.24.8, 1.25.2
stdlib CVE-2025-61727 MEDIUM v1.24.3 1.24.11, 1.25.5
stdlib CVE-2025-61728 MEDIUM v1.24.3 1.24.12, 1.25.6
stdlib CVE-2025-61730 MEDIUM v1.24.3 1.24.12, 1.25.6
stdlib CVE-2026-27142 MEDIUM v1.24.3 1.25.8, 1.26.1
stdlib CVE-2026-27145 MEDIUM v1.24.3 1.25.11, 1.26.4
stdlib CVE-2026-32282 MEDIUM v1.24.3 1.25.9, 1.26.2
stdlib CVE-2026-32288 MEDIUM v1.24.3 1.25.9, 1.26.2
stdlib CVE-2026-32289 MEDIUM v1.24.3 1.25.9, 1.26.2
stdlib CVE-2026-39826 MEDIUM v1.24.3 1.25.10, 1.26.3
stdlib CVE-2026-42507 MEDIUM v1.24.3 1.25.11, 1.26.4
stdlib CVE-2025-58186 LOW v1.24.3 1.24.8, 1.25.2
stdlib CVE-2026-27139 LOW v1.24.3 1.25.8, 1.26.1
No Misconfigurations found

usr/lib/google-cloud-sdk/platform/google_appengine/go-app-stager (gobinary)

No Vulnerabilities found
No Misconfigurations found