pkg:Go/github.com/distribution/distribution/v3
3 total CVEsHIGH2MEDIUM1
✅ Check your installed version
All known vulnerabilities
HIGH7.5CVE-2026-35172Distribution: stale blob access resurrection via repo-scoped redis descriptor cache invalidation from 0, < 3.1.0
HIGH7.5CVE-2026-33540Distribution affected by pull-through cache credential exfiltration via www-authenticate bearer realm from 0, < 3.1.0
MEDIUM6.5CVE-2026-41888Distribution's tag deletion bypasses `storage.delete.enabled` configuration from 0, < 3.1.1