Previous incidents
Performance Degradation Affecting IAM and Registry Services
Resolved Feb 12 at 03:41pm PST
Between February 10 and 11, we experienced elevated error rates across internal services, which impacted authentication and registry availability. The issue has been resolved, and we are continuing to investigate the root cause.
False positive CVEs in glibc
Resolved Feb 11 at 08:27am PST
A glibc change has been deployed that will prevent duplicate glibc sbom detection for all future builds. Existing binaries will need to be rebuilt to drop such detection. As this is deployed, the incident is declared closed. If additional rebuilds are desired, please open a support ticket.
1 previous update
False positives in NodeJS 22 images
Resolved Feb 03 at 11:07am PST
We identified a typographical issue in our feeds that caused scanners to report false positives for CVE-2025-59466 in images containing NodeJS 22.
An incorrectly formatted “fixed” version was published, leading scanners to conclude that the CVE had not been addressed in the latest release, 22.22.0-r0.
The issue has now been corrected in our feeds. Downstream scanners will need to ingest the updated data and refresh their databases. Since most scanners rebuild their databases daily, we expec...