There are a number of CVEs that seem to trace back to the base image according to the details from a trivy scan:
CVE-2025-5914 libarchive
CVE-2025-59375 expat
CVE-2025-6020 pam
CVE-2025-6965 sqlite-libs
CVE-2025-8941 pam
Are you able to update these in your next release to remediate the CVEs?
Thanks!
Hi @Joe_R
Docker images are checked for CVEs before a release.
e.g.
Thanks! Definitely a great thing to do, and I appreciate it.
These are CVEs that were discovered recently, after your release. Unfortunately things get found every day, just trying to do my part to keep things current (and make my security team happy)
Joe
Thanks for your interest to our products @Joe_R
Definitely once you see any CVE in our dockers - please report it and let’s make Percona software better together!
Unanswered | Unsolved | Solved
MySQL, InnoDB, MariaDB and MongoDB are trademarks of their respective owners.
Copyright © 2006 - 2024 Percona LLC. All rights reserved.
