CVE-2024-35192
Description
Trivy is a security scanner. Prior to 0.51.2, if a malicious actor is able to trigger Trivy to scan container images from a crafted malicious registry, it could result in the leakage of credentials for legitimate registries such as AWS Elastic Container Registry (ECR), Google Cloud Artifact/Container Registry, or Azure Container Registry (ACR). These tokens can then be used to push/pull images from those registries to which the identity/user running Trivy has access. Systems are not affected if the default credential provider chain is unable to obtain valid credentials. This vulnerability only applies when scanning container images directly from a registry. This vulnerability is fixed in 0.51.2.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/aquasecurity/trivyGo | < 0.51.2 | 0.51.2 |
Patches
1e7f14f729de2Merge pull request from GHSA-xcq4-m2r3-cmrj
6 files changed · +25 −6
pkg/fanal/image/registry/azure/azure.go+1 −1 modified@@ -20,7 +20,7 @@ type Registry struct { } const ( - azureURL = "azurecr.io" + azureURL = ".azurecr.io" scope = "https://management.azure.com/.default" scheme = "https" )
pkg/fanal/image/registry/azure/azure_test.go+5 −0 modified@@ -19,6 +19,11 @@ func TestRegistry_CheckOptions(t *testing.T) { name: "happy path", domain: "test.azurecr.io", }, + { + name: "invalidURL", + domain: "not-azurecr.io", + wantErr: "Azure registry: invalid url pattern", + }, { name: "invalidURL", domain: "alpine:3.9",
pkg/fanal/image/registry/ecr/ecr.go+3 −2 modified@@ -14,7 +14,8 @@ import ( "github.com/aquasecurity/trivy/pkg/fanal/types" ) -const ecrURL = "amazonaws.com" +const ecrURLSuffix = ".amazonaws.com" +const ecrURLPartial = ".dkr.ecr" type ecrAPI interface { GetAuthorizationToken(ctx context.Context, params *ecr.GetAuthorizationTokenInput, optFns ...func(*ecr.Options)) (*ecr.GetAuthorizationTokenOutput, error) @@ -37,7 +38,7 @@ func getSession(option types.RegistryOptions) (aws.Config, error) { } func (e *ECR) CheckOptions(domain string, option types.RegistryOptions) error { - if !strings.HasSuffix(domain, ecrURL) { + if !strings.HasSuffix(domain, ecrURLSuffix) && !strings.Contains(domain, ecrURLPartial) { return xerrors.Errorf("ECR : %w", types.InvalidURLPattern) }
pkg/fanal/image/registry/ecr/ecr_test.go+8 −0 modified@@ -21,6 +21,14 @@ func TestCheckOptions(t *testing.T) { domain: "alpine:3.9", wantErr: types.InvalidURLPattern, }, + "InvalidDomain": { + domain: "xxx.ecr.ap-northeast-1.not-amazonaws.com", + wantErr: types.InvalidURLPattern, + }, + "InvalidSubdomain": { + domain: "xxx.s3.ap-northeast-1.amazonaws.com", + wantErr: types.InvalidURLPattern, + }, "NoOption": { domain: "xxx.ecr.ap-northeast-1.amazonaws.com", },
pkg/fanal/image/registry/google/google.go+4 −3 modified@@ -18,13 +18,14 @@ type Registry struct { } // Google container registry -const gcrURL = "gcr.io" +const gcrURLDomain = "gcr.io" +const gcrURLSuffix = ".gcr.io" // Google artifact registry -const garURL = "docker.pkg.dev" +const garURLSuffix = "-docker.pkg.dev" func (g *Registry) CheckOptions(domain string, option types.RegistryOptions) error { - if !strings.HasSuffix(domain, gcrURL) && !strings.HasSuffix(domain, garURL) { + if domain != gcrURLDomain && !strings.HasSuffix(domain, gcrURLSuffix) && !strings.HasSuffix(domain, garURLSuffix) { return xerrors.Errorf("Google registry: %w", types.InvalidURLPattern) } g.domain = domain
pkg/fanal/image/registry/google/google_test.go+4 −0 modified@@ -21,6 +21,10 @@ func TestCheckOptions(t *testing.T) { domain: "alpine:3.9", wantErr: types.InvalidURLPattern, }, + "InvalidDomain": { + domain: "not-gcr.io", + wantErr: types.InvalidURLPattern, + }, "NoOption": { domain: "gcr.io", gcr: &Registry{domain: "gcr.io"},
Vulnerability mechanics
Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
4News mentions
0No linked articles in our index yet.