Critical CVEs in at least 2.11.0 and 2.12.0 #1011
Comments
WoodyWoodsta
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
{{ message }}
WoodyWoodsta
changed the title
docker scout cves cockroachdb/cockroach-operator:v2.12.0 ✓ Pulled ✓ Image stored for indexing ✓ Indexed 344 packages ✗ Detected 23 vulnerable packages with a total of 88 vulnerabilities ## Overview │ Analyzed Image ────────────────────┼─────────────────────────────────────────── Target │ cockroachdb/cockroach-operator:v2.12.0 digest │ 7cacb9821e89 platform │ linux/amd64 vulnerabilities │ 3C 49H 24M 13L 3? size │ 190 MB packages │ 344 ## Packages and Vulnerabilities 3C 36H 12M 1L 2? stdlib 1.16.6 pkg:golang/[email protected] ✗ CRITICAL CVE-2023-24540 https://scout.docker.com/v/CVE-2023-24540 Affected range : <1.19.9 Fixed version : 1.19.9 ✗ CRITICAL CVE-2023-24538 https://scout.docker.com/v/CVE-2023-24538 Affected range : <1.19.8 Fixed version : 1.19.8 ✗ CRITICAL CVE-2022-23806 https://scout.docker.com/v/CVE-2022-23806 Affected range : <1.16.14 Fixed version : 1.16.14 ✗ HIGH CVE-2023-29403 https://scout.docker.com/v/CVE-2023-29403 Affected range : <1.19.10 Fixed version : 1.19.10 ✗ HIGH CVE-2022-30580 https://scout.docker.com/v/CVE-2022-30580 Affected range : <1.17.11 Fixed version : 1.17.11 ✗ HIGH CVE-2023-44487 https://scout.docker.com/v/CVE-2023-44487 Affected range : <1.20.10 Fixed version : 1.20.10 ✗ HIGH CVE-2023-39325 https://scout.docker.com/v/CVE-2023-39325 Affected range : <1.20.10 Fixed version : 1.20.10 ✗ HIGH CVE-2023-24537 https://scout.docker.com/v/CVE-2023-24537 Affected range : <1.19.8 Fixed version : 1.19.8 ✗ HIGH CVE-2023-24536 https://scout.docker.com/v/CVE-2023-24536 Affected range : <1.19.8 Fixed version : 1.19.8 ✗ HIGH CVE-2023-24534 https://scout.docker.com/v/CVE-2023-24534 Affected range : <1.19.8 Fixed version : 1.19.8 ✗ HIGH CVE-2022-41725 https://scout.docker.com/v/CVE-2022-41725 Affected range : <1.19.6 Fixed version : 1.19.6 ✗ HIGH CVE-2022-41724 https://scout.docker.com/v/CVE-2022-41724 Affected range : <1.19.6 Fixed version : 1.19.6 ✗ HIGH CVE-2022-41723 https://scout.docker.com/v/CVE-2022-41723 Affected range : <1.19.6 Fixed version : 1.19.6 ✗ HIGH CVE-2022-41722 https://scout.docker.com/v/CVE-2022-41722 Affected range : <1.19.6 Fixed version : 1.19.6 ✗ HIGH CVE-2022-41720 https://scout.docker.com/v/CVE-2022-41720 Affected range : <1.18.9 Fixed version : 1.18.9 ✗ HIGH CVE-2022-41716 https://scout.docker.com/v/CVE-2022-41716 Affected range : <1.18.8 Fixed version : 1.18.8 ✗ HIGH CVE-2022-41715 https://scout.docker.com/v/CVE-2022-41715 Affected range : <1.18.7 Fixed version : 1.18.7 ✗ HIGH CVE-2022-32189 https://scout.docker.com/v/CVE-2022-32189 Affected range : <1.17.13 Fixed version : 1.17.13 ✗ HIGH CVE-2022-30635 https://scout.docker.com/v/CVE-2022-30635 Affected range : <1.17.12 Fixed version : 1.17.12 ✗ HIGH CVE-2022-30634 https://scout.docker.com/v/CVE-2022-30634 Affected range : <1.17.11 Fixed version : 1.17.11 ✗ HIGH CVE-2022-30633 https://scout.docker.com/v/CVE-2022-30633 Affected range : <1.17.12 Fixed version : 1.17.12 ✗ HIGH CVE-2022-30632 https://scout.docker.com/v/CVE-2022-30632 Affected range : <1.17.12 Fixed version : 1.17.12 ✗ HIGH CVE-2022-30631 https://scout.docker.com/v/CVE-2022-30631 Affected range : <1.17.12 Fixed version : 1.17.12 ✗ HIGH CVE-2022-30630 https://scout.docker.com/v/CVE-2022-30630 Affected range : <1.17.12 Fixed version : 1.17.12 ✗ HIGH CVE-2022-29804 https://scout.docker.com/v/CVE-2022-29804 Affected range : <1.17.11 Fixed version : 1.17.11 ✗ HIGH CVE-2022-2880 https://scout.docker.com/v/CVE-2022-2880 Affected range : <1.18.7 Fixed version : 1.18.7 ✗ HIGH CVE-2022-2879 https://scout.docker.com/v/CVE-2022-2879 Affected range : <1.18.7 Fixed version : 1.18.7 ✗ HIGH CVE-2022-28327 https://scout.docker.com/v/CVE-2022-28327 Affected range : <1.17.9 Fixed version : 1.17.9 ✗ HIGH CVE-2022-28131 https://scout.docker.com/v/CVE-2022-28131 Affected range : <1.17.12 Fixed version : 1.17.12 ✗ HIGH CVE-2022-27664 https://scout.docker.com/v/CVE-2022-27664 Affected range : <1.18.6 Fixed version : 1.18.6 ✗ HIGH CVE-2022-24921 https://scout.docker.com/v/CVE-2022-24921 Affected range : <1.16.15 Fixed version : 1.16.15 ✗ HIGH CVE-2022-24675 https://scout.docker.com/v/CVE-2022-24675 Affected range : <1.17.9 Fixed version : 1.17.9 ✗ HIGH CVE-2022-23772 https://scout.docker.com/v/CVE-2022-23772 Affected range : <1.16.14 Fixed version : 1.16.14 ✗ HIGH CVE-2021-44716 https://scout.docker.com/v/CVE-2021-44716 Affected range : <1.16.12 Fixed version : 1.16.12 ✗ HIGH CVE-2021-41772 https://scout.docker.com/v/CVE-2021-41772 Affected range : <1.16.10 Fixed version : 1.16.10 ✗ HIGH CVE-2021-41771 https://scout.docker.com/v/CVE-2021-41771 Affected range : <1.16.10 Fixed version : 1.16.10 ✗ HIGH CVE-2021-39293 https://scout.docker.com/v/CVE-2021-39293 Affected range : <1.16.8 Fixed version : 1.16.8 ✗ HIGH CVE-2023-29400 https://scout.docker.com/v/CVE-2023-29400 Affected range : <1.19.9 Fixed version : 1.19.9 ✗ HIGH CVE-2023-24539 https://scout.docker.com/v/CVE-2023-24539 Affected range : <1.19.9 Fixed version : 1.19.9 ✗ MEDIUM CVE-2023-29406 https://scout.docker.com/v/CVE-2023-29406 Affected range : <1.19.11 Fixed version : 1.19.11 ✗ MEDIUM CVE-2022-32148 https://scout.docker.com/v/CVE-2022-32148 Affected range : <1.17.12 Fixed version : 1.17.12 ✗ MEDIUM CVE-2022-1705 https://scout.docker.com/v/CVE-2022-1705 Affected range : <1.17.12 Fixed version : 1.17.12 ✗ MEDIUM CVE-2023-39319 https://scout.docker.com/v/CVE-2023-39319 Affected range : <1.20.8 Fixed version : 1.20.8 ✗ MEDIUM CVE-2023-39318 https://scout.docker.com/v/CVE-2023-39318 Affected range : <1.20.8 Fixed version : 1.20.8 ✗ MEDIUM CVE-2021-36221 https://scout.docker.com/v/CVE-2021-36221 Affected range : >=1.16.0-0 : <1.16.7 Fixed version : 1.16.7 ✗ MEDIUM CVE-2022-1962 https://scout.docker.com/v/CVE-2022-1962 Affected range : <1.17.12 Fixed version : 1.17.12 ✗ MEDIUM CVE-2023-29409 https://scout.docker.com/v/CVE-2023-29409 Affected range : <1.19.12 Fixed version : 1.19.12 ✗ MEDIUM CVE-2023-24532 https://scout.docker.com/v/CVE-2023-24532 Affected range : <1.19.7 Fixed version : 1.19.7 ✗ MEDIUM CVE-2022-41717 https://scout.docker.com/v/CVE-2022-41717 Affected range : <1.18.9 Fixed version : 1.18.9 ✗ MEDIUM CVE-2022-29526 https://scout.docker.com/v/CVE-2022-29526 Affected range : <1.17.10 Fixed version : 1.17.10 ✗ MEDIUM CVE-2021-44717 https://scout.docker.com/v/CVE-2021-44717 Affected range : <1.16.12 Fixed version : 1.16.12 ✗ LOW CVE-2022-30629 https://scout.docker.com/v/CVE-2022-30629 Affected range : <1.17.11 Fixed version : 1.17.11 ✗ UNSPECIFIED CVE-2023-45284 https://scout.docker.com/v/CVE-2023-45284 Affected range : <1.20.11 Fixed version : 1.20.11 ✗ UNSPECIFIED CVE-2023-45283 https://scout.docker.com/v/CVE-2023-45283 Affected range : <1.20.11 Fixed version : 1.20.11 0C 2H 0M 0L golang.org/x/net 0.0.0-20210805182204-aaa1db679c0d pkg:golang/golang.org/x/[email protected] ✗ HIGH CVE-2022-27664 https://scout.docker.com/v/CVE-2022-27664 Affected range : <0.0.0-20220906165146-f3363e06e74c Fixed version : 0.0.0-20220906165146-f3363e06e74c CVSS Score : 7.5 CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H ✗ HIGH CVE-2021-44716 https://scout.docker.com/v/CVE-2021-44716 Affected range : <0.0.0-20211209124913-491a49abca63 Fixed version : 0.0.0-20211209124913-491a49abca63 0C 2H 0M 0L golang.org/x/crypto 0.0.0-20210711020723-a769d52b0f97 pkg:golang/golang.org/x/[email protected] ✗ HIGH CVE-2022-27191 [Use of a Broken or Risky Cryptographic Algorithm] https://scout.docker.com/v/CVE-2022-27191 Affected range : <0.0.0-20220314234659-1baeb1ce4c0b Fixed version : 0.0.0-20220314234659-1baeb1ce4c0b CVSS Score : 7.5 CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H ✗ HIGH CVE-2021-43565 https://scout.docker.com/v/CVE-2021-43565 Affected range : <0.0.0-20211202192323-5770296d904e Fixed version : 0.0.0-20211202192323-5770296d904e CVSS Score : 7.5 CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 0C 2H 0M 0L github.com/apache/thrift 0.0.0-20181211084444-2b7365c54f82 pkg:golang/github.com/apache/[email protected] ✗ HIGH CVE-2019-0210 https://scout.docker.com/v/CVE-2019-0210 Affected range : >=0.0.0-20151001171628-53dd39833a08 : <0.13.0 Fixed version : 0.13.0 ✗ HIGH CVE-2019-0205 [OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities] https://scout.docker.com/v/CVE-2019-0205 Affected range : <0.0.0-20191011170555-cecee50308fc Fixed version : 0.0.0-20191011170555-cecee50308fc CVSS Score : 7.5 CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 0C 1H 2M 0L python3 3.6.8-51.el8_8.1 pkg:rpm/redhatlinux/[email protected]_8.1?os_name=redhatlinux&os_version=8 ✗ HIGH CVE-2023-40217 [Authentication Bypass by Primary Weakness] https://scout.docker.com/v/CVE-2023-40217 Affected range : <3.6.8-51.el8_8.2 Fixed version : 3.6.8-51.el8_8.2 CVSS Score : 8.6 CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N ✗ MEDIUM CVE-2007-4559 [Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')] https://scout.docker.com/v/CVE-2007-4559 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.5 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N ✗ MEDIUM CVE-2023-27043 [Improper Input Validation] https://scout.docker.com/v/CVE-2023-27043 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.3 CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 0C 1H 2M 0L pip 9.0.3 pkg:pypi/[email protected] ✗ HIGH CVE-2019-20916 [Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')] https://scout.docker.com/v/CVE-2019-20916 Affected range : <19.2 Fixed version : 19.2 CVSS Score : 7.5 CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N ✗ MEDIUM CVE-2021-3572 [Improper Input Validation] https://scout.docker.com/v/CVE-2021-3572 Affected range : <21.1 Fixed version : 21.1 CVSS Score : 5.7 CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N ✗ MEDIUM CVE-2023-5752 [Improper Neutralization of Special Elements used in a Command ('Command Injection')] https://scout.docker.com/v/CVE-2023-5752 Affected range : <23.3 Fixed version : 23.3 CVSS Score : 5.5 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 0C 1H 1M 0L google.golang.org/grpc 1.39.1 pkg:golang/google.golang.org/[email protected] ✗ HIGH GHSA-m425-mq94-257g https://scout.docker.com/v/GHSA-m425-mq94-257g Affected range : <1.56.3 Fixed version : 1.56.3 CVSS Score : 7.5 CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H ✗ MEDIUM CVE-2023-44487 [Uncontrolled Resource Consumption] https://scout.docker.com/v/CVE-2023-44487 Affected range : <1.56.3 Fixed version : 1.56.3 CVSS Score : 5.3 CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 0C 1H 0M 0L setuptools 39.2.0 pkg:pypi/[email protected] ✗ HIGH CVE-2022-40897 [Inefficient Regular Expression Complexity] https://scout.docker.com/v/CVE-2022-40897 Affected range : <65.5.1 Fixed version : 65.5.1 CVSS Score : 7.5 CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 0C 1H 0M 0L gopkg.in/yaml.v3 3.0.0-20210107192922-496545a6307b pkg:golang/gopkg.in/[email protected] ✗ HIGH CVE-2022-28948 [Deserialization of Untrusted Data] https://scout.docker.com/v/CVE-2022-28948 Affected range : <3.0.0-20220521103104-8f96da9f5d5e Fixed version : 3.0.0-20220521103104-8f96da9f5d5e CVSS Score : 7.5 CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 0C 1H 0M 0L github.com/prometheus/client_golang 1.7.1 pkg:golang/github.com/prometheus/[email protected] ✗ HIGH CVE-2022-21698 [Uncontrolled Resource Consumption] https://scout.docker.com/v/CVE-2022-21698 Affected range : <1.11.1 Fixed version : 1.11.1 CVSS Score : 7.5 CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 0C 1H 0M 0L golang.org/x/text 0.3.7 pkg:golang/golang.org/x/[email protected] ✗ HIGH CVE-2022-32149 [Missing Release of Resource after Effective Lifetime] https://scout.docker.com/v/CVE-2022-32149 Affected range : <0.3.8 Fixed version : 0.3.8 CVSS Score : 7.5 CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 0C 0H 1M 1L github.com/aws/aws-sdk-go 1.38.69 pkg:golang/github.com/aws/[email protected] ✗ MEDIUM CVE-2020-8911 https://scout.docker.com/v/CVE-2020-8911 Affected range : >=0 Fixed version : not fixed ✗ LOW CVE-2020-8912 https://scout.docker.com/v/CVE-2020-8912 Affected range : >=0 Fixed version : not fixed 0C 0H 1M 0L 1? github.com/jaegertracing/jaeger 1.18.1 pkg:golang/github.com/jaegertracing/[email protected] ✗ MEDIUM GHSA-2w8w-qhg4-f78j [Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')] https://scout.docker.com/v/GHSA-2w8w-qhg4-f78j Affected range : <1.47.0 Fixed version : 1.47.0 CVSS Score : 6.5 CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N ✗ UNSPECIFIED GMS-2023-1823 [OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities] https://scout.docker.com/v/GMS-2023-1823 Affected range : <v1.47.0 Fixed version : v1.47.0 0C 0H 1M 0L libarchive 3.3.3-5.el8 pkg:rpm/redhatlinux/[email protected]?os_name=redhatlinux&os_version=8 ✗ MEDIUM CVE-2023-30571 [Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')] https://scout.docker.com/v/CVE-2023-30571 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.3 CVSS Vector : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H 0C 0H 1M 0L gcc 8.5.0-18.el8 pkg:rpm/redhatlinux/[email protected]?os_name=redhatlinux&os_version=8 ✗ MEDIUM CVE-2023-4039 [] https://scout.docker.com/v/CVE-2023-4039 Affected range : >=0 Fixed version : not fixed CVSS Score : 4.8 CVSS Vector : CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N 0C 0H 1M 0L golang.org/x/sys 0.0.0-20210809222454-d867a43fc93e pkg:golang/golang.org/x/[email protected] ✗ MEDIUM CVE-2022-29526 [Improper Privilege Management] https://scout.docker.com/v/CVE-2022-29526 Affected range : <0.0.0-20220412211240-33da011f77ad Fixed version : 0.0.0-20220412211240-33da011f77ad CVSS Score : 5.3 CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 0C 0H 1M 0L zlib 1.2.11-21.el8_7 pkg:rpm/redhatlinux/[email protected]_7?os_name=redhatlinux&os_version=8 ✗ MEDIUM CVE-2023-45853 [Heap-based Buffer Overflow] https://scout.docker.com/v/CVE-2023-45853 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.3 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L 0C 0H 1M 0L python-pip 9.0.3-22.el8 pkg:rpm/redhatlinux/[email protected]?os_name=redhatlinux&os_version=8 ✗ MEDIUM CVE-2018-25091 [Exposure of Sensitive Information to an Unauthorized Actor] https://scout.docker.com/v/CVE-2018-25091 Affected range : >=0 Fixed version : not fixed CVSS Score : 6.1 CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 0C 0H 0M 6L ncurses 6.1-9.20180224.el8_8.1 pkg:rpm/redhatlinux/[email protected]_8.1?os_name=redhatlinux&os_version=8 ✗ LOW CVE-2020-19190 [Heap-based Buffer Overflow] https://scout.docker.com/v/CVE-2020-19190 Affected range : >=0 Fixed version : not fixed CVSS Score : 6.5 CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H ✗ LOW CVE-2020-19188 [Stack-based Buffer Overflow] https://scout.docker.com/v/CVE-2020-19188 Affected range : >=0 Fixed version : not fixed CVSS Score : 6.5 CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H ✗ LOW CVE-2020-19187 [Heap-based Buffer Overflow] https://scout.docker.com/v/CVE-2020-19187 Affected range : >=0 Fixed version : not fixed CVSS Score : 6.5 CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H ✗ LOW CVE-2020-19186 [Out-of-bounds Read] https://scout.docker.com/v/CVE-2020-19186 Affected range : >=0 Fixed version : not fixed CVSS Score : 6.5 CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H ✗ LOW CVE-2020-19185 [Heap-based Buffer Overflow] https://scout.docker.com/v/CVE-2020-19185 Affected range : >=0 Fixed version : not fixed CVSS Score : 6.5 CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H ✗ LOW CVE-2021-39537 [Improper Restriction of Operations within the Bounds of a Memory Buffer] https://scout.docker.com/v/CVE-2021-39537 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.5 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 0C 0H 0M 2L curl 7.61.1-30.el8_8.3 pkg:rpm/redhatlinux/[email protected]_8.3?os_name=redhatlinux&os_version=8 ✗ LOW CVE-2023-38546 [External Control of File Name or Path] https://scout.docker.com/v/CVE-2023-38546 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.0 CVSS Vector : CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L ✗ LOW CVE-2023-28322 [Expected Behavior Violation] https://scout.docker.com/v/CVE-2023-28322 Affected range : >=0 Fixed version : not fixed CVSS Score : 3.7 CVSS Vector : CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N 0C 0H 0M 1L shadow-utils 2:4.6-17.el8 pkg:rpm/redhatlinux/shadow-utils@2:4.6-17.el8?os_name=redhatlinux&os_version=8 ✗ LOW CVE-2023-4641 [Incorrect Implementation of Authentication Algorithm] https://scout.docker.com/v/CVE-2023-4641 Affected range : >=0 Fixed version : not fixed CVSS Score : 4.7 CVSS Vector : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N 0C 0H 0M 1L tpm2-tss 2.3.2-4.el8 pkg:rpm/redhatlinux/[email protected]?os_name=redhatlinux&os_version=8 ✗ LOW CVE-2023-22745 [Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')] https://scout.docker.com/v/CVE-2023-22745 Affected range : >=0 Fixed version : not fixed CVSS Score : 6.4 CVSS Vector : CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H 0C 0H 0M 1L openssl 1:1.1.1k-9.el8_7 pkg:rpm/redhatlinux/openssl@1:1.1.1k-9.el8_7?os_name=redhatlinux&os_version=8 ✗ LOW CVE-2023-3446 [Uncontrolled Resource Consumption] https://scout.docker.com/v/CVE-2023-3446 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.3 CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 92 vulnerabilities found in 23 packages UNSPECIFIED 3 LOW 13 MEDIUM 24 HIGH 49 CRITICAL 3 What's Next? View base image update recommendations → docker scout recommendations cockroachdb/cockroach-operator:v2.12.0The text was updated successfully, but these errors were encountered: