timescaledb-docker-ha icon indicating copy to clipboard operation
timescaledb-docker-ha copied to clipboard

Published 20 hours ago verified publisher icon timescale

Critical Vulnerabilities in timescale libraries

Open udesaiitrs opened this issue 7 months ago • 0 comments

Critical CVEs Found in Timescaledb-HA docker imaage

Description

We have identified several critical Common Vulnerabilities and Exposures (CVEs) in [Component Name] used in our project. These vulnerabilities pose significant security risks and need to be addressed urgently.

Affected Components

  • timescaledb-tune
  • timescaledb-parallel-copy
  • golang.org/x/crypto (v0.0.0-20210711020723-a769d52b0f97)
    • GHSA-gwc9-m7rh-j2ww (High)
    • GHSA-8c26-wmh5-6g9v (High)
  • golang.org/x/text (v0.3.7)
    • GHSA-69ch-w2m2-3vjp (High)
  • stdlib / go1.19.1

See the attached pdf with the full list of scan output. Tool used was grype.

We request immediate attention to this issue due to the critical nature of these vulnerabilities.

pg14.12-ts2.15.2.pdf

udesaiitrs avatar Jun 28 '24 16:06 udesaiitrs