HIGH
distribution
CVE published 2026-04-06
CVE-2026-35172
CVE-2026-35172 is a high-severity vulnerability in the Distribution toolkit, which enables restored read access to deleted container content under specific configurations. The vulnerability arises when both storage.cache.blobdescriptor: redis and storage.delete.enabled: true are enabled, allowing an attacker to access deleted blobs from a different repository. This issue was fixed in version 3.1.0 of the [truncated]