Critical CVEs in at least 2.11.0 and 2.12.0

Open WoodyWoodsta opened this issue 1 year ago • 0 comments

docker scout cves cockroachdb/cockroach-operator:v2.12.0
    ✓ Pulled
    ✓ Image stored for indexing
    ✓ Indexed 344 packages
    ✗ Detected 23 vulnerable packages with a total of 88 vulnerabilities


## Overview

                    │              Analyzed Image
────────────────────┼───────────────────────────────────────────
  Target            │  cockroachdb/cockroach-operator:v2.12.0
    digest          │  7cacb9821e89
    platform        │ linux/amd64
    vulnerabilities │    3C    49H    24M    13L     3?
    size            │ 190 MB
    packages        │ 344


## Packages and Vulnerabilities

   3C    36H    12M     1L     2?  stdlib 1.16.6
pkg:golang/stdlib@1.16.6

    ✗ CRITICAL CVE-2023-24540
      https://scout.docker.com/v/CVE-2023-24540
      Affected range : <1.19.9
      Fixed version  : 1.19.9

    ✗ CRITICAL CVE-2023-24538
      https://scout.docker.com/v/CVE-2023-24538
      Affected range : <1.19.8
      Fixed version  : 1.19.8

    ✗ CRITICAL CVE-2022-23806
      https://scout.docker.com/v/CVE-2022-23806
      Affected range : <1.16.14
      Fixed version  : 1.16.14

    ✗ HIGH CVE-2023-29403
      https://scout.docker.com/v/CVE-2023-29403
      Affected range : <1.19.10
      Fixed version  : 1.19.10

    ✗ HIGH CVE-2022-30580
      https://scout.docker.com/v/CVE-2022-30580
      Affected range : <1.17.11
      Fixed version  : 1.17.11

    ✗ HIGH CVE-2023-44487
      https://scout.docker.com/v/CVE-2023-44487
      Affected range : <1.20.10
      Fixed version  : 1.20.10

    ✗ HIGH CVE-2023-39325
      https://scout.docker.com/v/CVE-2023-39325
      Affected range : <1.20.10
      Fixed version  : 1.20.10

    ✗ HIGH CVE-2023-24537
      https://scout.docker.com/v/CVE-2023-24537
      Affected range : <1.19.8
      Fixed version  : 1.19.8

    ✗ HIGH CVE-2023-24536
      https://scout.docker.com/v/CVE-2023-24536
      Affected range : <1.19.8
      Fixed version  : 1.19.8

    ✗ HIGH CVE-2023-24534
      https://scout.docker.com/v/CVE-2023-24534
      Affected range : <1.19.8
      Fixed version  : 1.19.8

    ✗ HIGH CVE-2022-41725
      https://scout.docker.com/v/CVE-2022-41725
      Affected range : <1.19.6
      Fixed version  : 1.19.6

    ✗ HIGH CVE-2022-41724
      https://scout.docker.com/v/CVE-2022-41724
      Affected range : <1.19.6
      Fixed version  : 1.19.6

    ✗ HIGH CVE-2022-41723
      https://scout.docker.com/v/CVE-2022-41723
      Affected range : <1.19.6
      Fixed version  : 1.19.6

    ✗ HIGH CVE-2022-41722
      https://scout.docker.com/v/CVE-2022-41722
      Affected range : <1.19.6
      Fixed version  : 1.19.6

    ✗ HIGH CVE-2022-41720
      https://scout.docker.com/v/CVE-2022-41720
      Affected range : <1.18.9
      Fixed version  : 1.18.9

    ✗ HIGH CVE-2022-41716
      https://scout.docker.com/v/CVE-2022-41716
      Affected range : <1.18.8
      Fixed version  : 1.18.8

    ✗ HIGH CVE-2022-41715
      https://scout.docker.com/v/CVE-2022-41715
      Affected range : <1.18.7
      Fixed version  : 1.18.7

    ✗ HIGH CVE-2022-32189
      https://scout.docker.com/v/CVE-2022-32189
      Affected range : <1.17.13
      Fixed version  : 1.17.13

    ✗ HIGH CVE-2022-30635
      https://scout.docker.com/v/CVE-2022-30635
      Affected range : <1.17.12
      Fixed version  : 1.17.12

    ✗ HIGH CVE-2022-30634
      https://scout.docker.com/v/CVE-2022-30634
      Affected range : <1.17.11
      Fixed version  : 1.17.11

    ✗ HIGH CVE-2022-30633
      https://scout.docker.com/v/CVE-2022-30633
      Affected range : <1.17.12
      Fixed version  : 1.17.12

    ✗ HIGH CVE-2022-30632
      https://scout.docker.com/v/CVE-2022-30632
      Affected range : <1.17.12
      Fixed version  : 1.17.12

    ✗ HIGH CVE-2022-30631
      https://scout.docker.com/v/CVE-2022-30631
      Affected range : <1.17.12
      Fixed version  : 1.17.12

    ✗ HIGH CVE-2022-30630
      https://scout.docker.com/v/CVE-2022-30630
      Affected range : <1.17.12
      Fixed version  : 1.17.12

    ✗ HIGH CVE-2022-29804
      https://scout.docker.com/v/CVE-2022-29804
      Affected range : <1.17.11
      Fixed version  : 1.17.11

    ✗ HIGH CVE-2022-2880
      https://scout.docker.com/v/CVE-2022-2880
      Affected range : <1.18.7
      Fixed version  : 1.18.7

    ✗ HIGH CVE-2022-2879
      https://scout.docker.com/v/CVE-2022-2879
      Affected range : <1.18.7
      Fixed version  : 1.18.7

    ✗ HIGH CVE-2022-28327
      https://scout.docker.com/v/CVE-2022-28327
      Affected range : <1.17.9
      Fixed version  : 1.17.9

    ✗ HIGH CVE-2022-28131
      https://scout.docker.com/v/CVE-2022-28131
      Affected range : <1.17.12
      Fixed version  : 1.17.12

    ✗ HIGH CVE-2022-27664
      https://scout.docker.com/v/CVE-2022-27664
      Affected range : <1.18.6
      Fixed version  : 1.18.6

    ✗ HIGH CVE-2022-24921
      https://scout.docker.com/v/CVE-2022-24921
      Affected range : <1.16.15
      Fixed version  : 1.16.15

    ✗ HIGH CVE-2022-24675
      https://scout.docker.com/v/CVE-2022-24675
      Affected range : <1.17.9
      Fixed version  : 1.17.9

    ✗ HIGH CVE-2022-23772
      https://scout.docker.com/v/CVE-2022-23772
      Affected range : <1.16.14
      Fixed version  : 1.16.14

    ✗ HIGH CVE-2021-44716
      https://scout.docker.com/v/CVE-2021-44716
      Affected range : <1.16.12
      Fixed version  : 1.16.12

    ✗ HIGH CVE-2021-41772
      https://scout.docker.com/v/CVE-2021-41772
      Affected range : <1.16.10
      Fixed version  : 1.16.10

    ✗ HIGH CVE-2021-41771
      https://scout.docker.com/v/CVE-2021-41771
      Affected range : <1.16.10
      Fixed version  : 1.16.10

    ✗ HIGH CVE-2021-39293
      https://scout.docker.com/v/CVE-2021-39293
      Affected range : <1.16.8
      Fixed version  : 1.16.8

    ✗ HIGH CVE-2023-29400
      https://scout.docker.com/v/CVE-2023-29400
      Affected range : <1.19.9
      Fixed version  : 1.19.9

    ✗ HIGH CVE-2023-24539
      https://scout.docker.com/v/CVE-2023-24539
      Affected range : <1.19.9
      Fixed version  : 1.19.9

    ✗ MEDIUM CVE-2023-29406
      https://scout.docker.com/v/CVE-2023-29406
      Affected range : <1.19.11
      Fixed version  : 1.19.11

    ✗ MEDIUM CVE-2022-32148
      https://scout.docker.com/v/CVE-2022-32148
      Affected range : <1.17.12
      Fixed version  : 1.17.12

    ✗ MEDIUM CVE-2022-1705
      https://scout.docker.com/v/CVE-2022-1705
      Affected range : <1.17.12
      Fixed version  : 1.17.12

    ✗ MEDIUM CVE-2023-39319
      https://scout.docker.com/v/CVE-2023-39319
      Affected range : <1.20.8
      Fixed version  : 1.20.8

    ✗ MEDIUM CVE-2023-39318
      https://scout.docker.com/v/CVE-2023-39318
      Affected range : <1.20.8
      Fixed version  : 1.20.8

    ✗ MEDIUM CVE-2021-36221
      https://scout.docker.com/v/CVE-2021-36221
      Affected range : >=1.16.0-0
                     : <1.16.7
      Fixed version  : 1.16.7

    ✗ MEDIUM CVE-2022-1962
      https://scout.docker.com/v/CVE-2022-1962
      Affected range : <1.17.12
      Fixed version  : 1.17.12

    ✗ MEDIUM CVE-2023-29409
      https://scout.docker.com/v/CVE-2023-29409
      Affected range : <1.19.12
      Fixed version  : 1.19.12

    ✗ MEDIUM CVE-2023-24532
      https://scout.docker.com/v/CVE-2023-24532
      Affected range : <1.19.7
      Fixed version  : 1.19.7

    ✗ MEDIUM CVE-2022-41717
      https://scout.docker.com/v/CVE-2022-41717
      Affected range : <1.18.9
      Fixed version  : 1.18.9

    ✗ MEDIUM CVE-2022-29526
      https://scout.docker.com/v/CVE-2022-29526
      Affected range : <1.17.10
      Fixed version  : 1.17.10

    ✗ MEDIUM CVE-2021-44717
      https://scout.docker.com/v/CVE-2021-44717
      Affected range : <1.16.12
      Fixed version  : 1.16.12

    ✗ LOW CVE-2022-30629
      https://scout.docker.com/v/CVE-2022-30629
      Affected range : <1.17.11
      Fixed version  : 1.17.11

    ✗ UNSPECIFIED CVE-2023-45284
      https://scout.docker.com/v/CVE-2023-45284
      Affected range : <1.20.11
      Fixed version  : 1.20.11

    ✗ UNSPECIFIED CVE-2023-45283
      https://scout.docker.com/v/CVE-2023-45283
      Affected range : <1.20.11
      Fixed version  : 1.20.11


   0C     2H     0M     0L  golang.org/x/net 0.0.0-20210805182204-aaa1db679c0d
pkg:golang/golang.org/x/net@0.0.0-20210805182204-aaa1db679c0d

    ✗ HIGH CVE-2022-27664
      https://scout.docker.com/v/CVE-2022-27664
      Affected range : <0.0.0-20220906165146-f3363e06e74c
      Fixed version  : 0.0.0-20220906165146-f3363e06e74c
      CVSS Score     : 7.5
      CVSS Vector    : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

    ✗ HIGH CVE-2021-44716
      https://scout.docker.com/v/CVE-2021-44716
      Affected range : <0.0.0-20211209124913-491a49abca63
      Fixed version  : 0.0.0-20211209124913-491a49abca63


   0C     2H     0M     0L  golang.org/x/crypto 0.0.0-20210711020723-a769d52b0f97
pkg:golang/golang.org/x/crypto@0.0.0-20210711020723-a769d52b0f97

    ✗ HIGH CVE-2022-27191 [Use of a Broken or Risky Cryptographic Algorithm]
      https://scout.docker.com/v/CVE-2022-27191
      Affected range : <0.0.0-20220314234659-1baeb1ce4c0b
      Fixed version  : 0.0.0-20220314234659-1baeb1ce4c0b
      CVSS Score     : 7.5
      CVSS Vector    : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

    ✗ HIGH CVE-2021-43565
      https://scout.docker.com/v/CVE-2021-43565
      Affected range : <0.0.0-20211202192323-5770296d904e
      Fixed version  : 0.0.0-20211202192323-5770296d904e
      CVSS Score     : 7.5
      CVSS Vector    : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H


   0C     2H     0M     0L  github.com/apache/thrift 0.0.0-20181211084444-2b7365c54f82
pkg:golang/github.com/apache/thrift@0.0.0-20181211084444-2b7365c54f82

    ✗ HIGH CVE-2019-0210
      https://scout.docker.com/v/CVE-2019-0210
      Affected range : >=0.0.0-20151001171628-53dd39833a08
                     : <0.13.0
      Fixed version  : 0.13.0

    ✗ HIGH CVE-2019-0205 [OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities]
      https://scout.docker.com/v/CVE-2019-0205
      Affected range : <0.0.0-20191011170555-cecee50308fc
      Fixed version  : 0.0.0-20191011170555-cecee50308fc
      CVSS Score     : 7.5
      CVSS Vector    : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H


   0C     1H     2M     0L  python3 3.6.8-51.el8_8.1
pkg:rpm/redhatlinux/python3@3.6.8-51.el8_8.1?os_name=redhatlinux&os_version=8

    ✗ HIGH CVE-2023-40217 [Authentication Bypass by Primary Weakness]
      https://scout.docker.com/v/CVE-2023-40217
      Affected range : <3.6.8-51.el8_8.2
      Fixed version  : 3.6.8-51.el8_8.2
      CVSS Score     : 8.6
      CVSS Vector    : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N

    ✗ MEDIUM CVE-2007-4559 [Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')]
      https://scout.docker.com/v/CVE-2007-4559
      Affected range : >=0
      Fixed version  : not fixed
      CVSS Score     : 5.5
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

    ✗ MEDIUM CVE-2023-27043 [Improper Input Validation]
      https://scout.docker.com/v/CVE-2023-27043
      Affected range : >=0
      Fixed version  : not fixed
      CVSS Score     : 5.3
      CVSS Vector    : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N


   0C     1H     2M     0L  pip 9.0.3
pkg:pypi/pip@9.0.3

    ✗ HIGH CVE-2019-20916 [Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')]
      https://scout.docker.com/v/CVE-2019-20916
      Affected range : <19.2
      Fixed version  : 19.2
      CVSS Score     : 7.5
      CVSS Vector    : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

    ✗ MEDIUM CVE-2021-3572 [Improper Input Validation]
      https://scout.docker.com/v/CVE-2021-3572
      Affected range : <21.1
      Fixed version  : 21.1
      CVSS Score     : 5.7
      CVSS Vector    : CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

    ✗ MEDIUM CVE-2023-5752 [Improper Neutralization of Special Elements used in a Command ('Command Injection')]
      https://scout.docker.com/v/CVE-2023-5752
      Affected range : <23.3
      Fixed version  : 23.3
      CVSS Score     : 5.5
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N


   0C     1H     1M     0L  google.golang.org/grpc 1.39.1
pkg:golang/google.golang.org/grpc@1.39.1

    ✗ HIGH GHSA-m425-mq94-257g
      https://scout.docker.com/v/GHSA-m425-mq94-257g
      Affected range : <1.56.3
      Fixed version  : 1.56.3
      CVSS Score     : 7.5
      CVSS Vector    : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

    ✗ MEDIUM CVE-2023-44487 [Uncontrolled Resource Consumption]
      https://scout.docker.com/v/CVE-2023-44487
      Affected range : <1.56.3
      Fixed version  : 1.56.3
      CVSS Score     : 5.3
      CVSS Vector    : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L


   0C     1H     0M     0L  setuptools 39.2.0
pkg:pypi/setuptools@39.2.0

    ✗ HIGH CVE-2022-40897 [Inefficient Regular Expression Complexity]
      https://scout.docker.com/v/CVE-2022-40897
      Affected range : <65.5.1
      Fixed version  : 65.5.1
      CVSS Score     : 7.5
      CVSS Vector    : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H


   0C     1H     0M     0L  gopkg.in/yaml.v3 3.0.0-20210107192922-496545a6307b
pkg:golang/gopkg.in/yaml.v3@3.0.0-20210107192922-496545a6307b

    ✗ HIGH CVE-2022-28948 [Deserialization of Untrusted Data]
      https://scout.docker.com/v/CVE-2022-28948
      Affected range : <3.0.0-20220521103104-8f96da9f5d5e
      Fixed version  : 3.0.0-20220521103104-8f96da9f5d5e
      CVSS Score     : 7.5
      CVSS Vector    : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H


   0C     1H     0M     0L  github.com/prometheus/client_golang 1.7.1
pkg:golang/github.com/prometheus/client_golang@1.7.1

    ✗ HIGH CVE-2022-21698 [Uncontrolled Resource Consumption]
      https://scout.docker.com/v/CVE-2022-21698
      Affected range : <1.11.1
      Fixed version  : 1.11.1
      CVSS Score     : 7.5
      CVSS Vector    : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H


   0C     1H     0M     0L  golang.org/x/text 0.3.7
pkg:golang/golang.org/x/text@0.3.7

    ✗ HIGH CVE-2022-32149 [Missing Release of Resource after Effective Lifetime]
      https://scout.docker.com/v/CVE-2022-32149
      Affected range : <0.3.8
      Fixed version  : 0.3.8
      CVSS Score     : 7.5
      CVSS Vector    : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H


   0C     0H     1M     1L  github.com/aws/aws-sdk-go 1.38.69
pkg:golang/github.com/aws/aws-sdk-go@1.38.69

    ✗ MEDIUM CVE-2020-8911
      https://scout.docker.com/v/CVE-2020-8911
      Affected range : >=0
      Fixed version  : not fixed

    ✗ LOW CVE-2020-8912
      https://scout.docker.com/v/CVE-2020-8912
      Affected range : >=0
      Fixed version  : not fixed


   0C     0H     1M     0L     1?  github.com/jaegertracing/jaeger 1.18.1
pkg:golang/github.com/jaegertracing/jaeger@1.18.1

    ✗ MEDIUM GHSA-2w8w-qhg4-f78j [Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')]
      https://scout.docker.com/v/GHSA-2w8w-qhg4-f78j
      Affected range : <1.47.0
      Fixed version  : 1.47.0
      CVSS Score     : 6.5
      CVSS Vector    : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

    ✗ UNSPECIFIED GMS-2023-1823 [OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities]
      https://scout.docker.com/v/GMS-2023-1823
      Affected range : <v1.47.0
      Fixed version  : v1.47.0


   0C     0H     1M     0L  libarchive 3.3.3-5.el8
pkg:rpm/redhatlinux/libarchive@3.3.3-5.el8?os_name=redhatlinux&os_version=8

    ✗ MEDIUM CVE-2023-30571 [Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')]
      https://scout.docker.com/v/CVE-2023-30571
      Affected range : >=0
      Fixed version  : not fixed
      CVSS Score     : 5.3
      CVSS Vector    : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H


   0C     0H     1M     0L  gcc 8.5.0-18.el8
pkg:rpm/redhatlinux/gcc@8.5.0-18.el8?os_name=redhatlinux&os_version=8

    ✗ MEDIUM CVE-2023-4039 []
      https://scout.docker.com/v/CVE-2023-4039
      Affected range : >=0
      Fixed version  : not fixed
      CVSS Score     : 4.8
      CVSS Vector    : CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N


   0C     0H     1M     0L  golang.org/x/sys 0.0.0-20210809222454-d867a43fc93e
pkg:golang/golang.org/x/sys@0.0.0-20210809222454-d867a43fc93e

    ✗ MEDIUM CVE-2022-29526 [Improper Privilege Management]
      https://scout.docker.com/v/CVE-2022-29526
      Affected range : <0.0.0-20220412211240-33da011f77ad
      Fixed version  : 0.0.0-20220412211240-33da011f77ad
      CVSS Score     : 5.3
      CVSS Vector    : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N


   0C     0H     1M     0L  zlib 1.2.11-21.el8_7
pkg:rpm/redhatlinux/zlib@1.2.11-21.el8_7?os_name=redhatlinux&os_version=8

    ✗ MEDIUM CVE-2023-45853 [Heap-based Buffer Overflow]
      https://scout.docker.com/v/CVE-2023-45853
      Affected range : >=0
      Fixed version  : not fixed
      CVSS Score     : 5.3
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L


   0C     0H     1M     0L  python-pip 9.0.3-22.el8
pkg:rpm/redhatlinux/python-pip@9.0.3-22.el8?os_name=redhatlinux&os_version=8

    ✗ MEDIUM CVE-2018-25091 [Exposure of Sensitive Information to an Unauthorized Actor]
      https://scout.docker.com/v/CVE-2018-25091
      Affected range : >=0
      Fixed version  : not fixed
      CVSS Score     : 6.1
      CVSS Vector    : CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N


   0C     0H     0M     6L  ncurses 6.1-9.20180224.el8_8.1
pkg:rpm/redhatlinux/ncurses@6.1-9.20180224.el8_8.1?os_name=redhatlinux&os_version=8

    ✗ LOW CVE-2020-19190 [Heap-based Buffer Overflow]
      https://scout.docker.com/v/CVE-2020-19190
      Affected range : >=0
      Fixed version  : not fixed
      CVSS Score     : 6.5
      CVSS Vector    : CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

    ✗ LOW CVE-2020-19188 [Stack-based Buffer Overflow]
      https://scout.docker.com/v/CVE-2020-19188
      Affected range : >=0
      Fixed version  : not fixed
      CVSS Score     : 6.5
      CVSS Vector    : CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

    ✗ LOW CVE-2020-19187 [Heap-based Buffer Overflow]
      https://scout.docker.com/v/CVE-2020-19187
      Affected range : >=0
      Fixed version  : not fixed
      CVSS Score     : 6.5
      CVSS Vector    : CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

    ✗ LOW CVE-2020-19186 [Out-of-bounds Read]
      https://scout.docker.com/v/CVE-2020-19186
      Affected range : >=0
      Fixed version  : not fixed
      CVSS Score     : 6.5
      CVSS Vector    : CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

    ✗ LOW CVE-2020-19185 [Heap-based Buffer Overflow]
      https://scout.docker.com/v/CVE-2020-19185
      Affected range : >=0
      Fixed version  : not fixed
      CVSS Score     : 6.5
      CVSS Vector    : CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

    ✗ LOW CVE-2021-39537 [Improper Restriction of Operations within the Bounds of a Memory Buffer]
      https://scout.docker.com/v/CVE-2021-39537
      Affected range : >=0
      Fixed version  : not fixed
      CVSS Score     : 5.5
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H


   0C     0H     0M     2L  curl 7.61.1-30.el8_8.3
pkg:rpm/redhatlinux/curl@7.61.1-30.el8_8.3?os_name=redhatlinux&os_version=8

    ✗ LOW CVE-2023-38546 [External Control of File Name or Path]
      https://scout.docker.com/v/CVE-2023-38546
      Affected range : >=0
      Fixed version  : not fixed
      CVSS Score     : 5.0
      CVSS Vector    : CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L

    ✗ LOW CVE-2023-28322 [Expected Behavior Violation]
      https://scout.docker.com/v/CVE-2023-28322
      Affected range : >=0
      Fixed version  : not fixed
      CVSS Score     : 3.7
      CVSS Vector    : CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N


   0C     0H     0M     1L  shadow-utils 2:4.6-17.el8
pkg:rpm/redhatlinux/shadow-utils@2:4.6-17.el8?os_name=redhatlinux&os_version=8

    ✗ LOW CVE-2023-4641 [Incorrect Implementation of Authentication Algorithm]
      https://scout.docker.com/v/CVE-2023-4641
      Affected range : >=0
      Fixed version  : not fixed
      CVSS Score     : 4.7
      CVSS Vector    : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N


   0C     0H     0M     1L  tpm2-tss 2.3.2-4.el8
pkg:rpm/redhatlinux/tpm2-tss@2.3.2-4.el8?os_name=redhatlinux&os_version=8

    ✗ LOW CVE-2023-22745 [Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')]
      https://scout.docker.com/v/CVE-2023-22745
      Affected range : >=0
      Fixed version  : not fixed
      CVSS Score     : 6.4
      CVSS Vector    : CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H


   0C     0H     0M     1L  openssl 1:1.1.1k-9.el8_7
pkg:rpm/redhatlinux/openssl@1:1.1.1k-9.el8_7?os_name=redhatlinux&os_version=8

    ✗ LOW CVE-2023-3446 [Uncontrolled Resource Consumption]
      https://scout.docker.com/v/CVE-2023-3446
      Affected range : >=0
      Fixed version  : not fixed
      CVSS Score     : 5.3
      CVSS Vector    : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L



92 vulnerabilities found in 23 packages
  UNSPECIFIED  3
  LOW          13
  MEDIUM       24
  HIGH         49
  CRITICAL     3


What's Next?
  View base image update recommendations → docker scout recommendations cockroachdb/cockroach-operator:v2.12.0

WoodyWoodsta, Nov 14 '23 22:11