2 matches found
SUSE-SU-2026:21560-1 Security update for distribution
This update for distribution fixes the following issues Security issues: - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo- header bsc1260283. - CVE-2026-33540: information disclosure via improper validation of authentication real...
CVE-2026-35172 Distribution has stale blob access resurrection via repo-scoped redis descriptor cache invalidation
Distribution is a toolkit to pack, ship, store, and deliver container content. Prior to 3.1.0, distribution can restore read access in repo a after an explicit delete when storage.cache.blobdescriptor: redis and storage.delete.enabled: true are both enabled. The delete path clears the shared dige...