ITRS Analytics Security Updates

This page provides a point-in-time record of security scan results for ITRS Analytics installation packages. It identifies known Common Vulnerabilities and Exposures (CVEs) detected in third-party libraries, container images, and dependencies included in each package release at the time of assessment.

You may use this page to:

Identify known CVEs recorded for a specific ITRS Analytics version.
Understand which images or components are affected.
Support upgrade planning and remediation discussions.

How ITRS manages CVEs Copied

ITRS applies a risk-based approach to vulnerability management across the ITRS Analytics platform. The objective is to identify, assess, and reduce security risk arising from known vulnerabilities while maintaining system stability, reliability, and service continuity. Vulnerability management activities form part of ITRS’s broader security governance framework and are subject to ongoing review and improvement.

ITRS monitors publicly disclosed CVEs that may affect ITRS Analytics and the third-party and open source components used within the platform. This includes supply chain and dependency management controls together with vulnerability monitoring across the software development, build, and release process. Where CVEs are identified, they are assessed in context, taking into account factors such as severity, exploitability, deployment configuration, and relevance to the operating environment.

CVEs assessed as relevant are typically addressed in the next scheduled product release. Where a vulnerability is assessed as critical and presents a material security risk, ITRS may apply remediation or mitigation measures outside the standard release cycle, which may include corrective action as appropriate. ITRS also applies security controls across the software delivery lifecycle, including source code management, build pipelines, container images, and deployment processes, to reduce the likelihood and impact of vulnerabilities entering the production environment.

How to interpret these results Copied

CVE listings reflect the results of the latest scan for each installation package at the time shown.
The published CVE results reflect the state of the product at the time of the release scan. CVE databases, scanner rules, and vendor classifications may change after release, so additional findings may appear even where no changes have been made to the deployed software.
Results from customer scanning tools may differ because of variations in scan date, scanner vendor, data source, detection logic, dependency resolution, and deployment configuration.
Results should be interpreted in the context of the release scan date, affected component, severity, and whether the relevant vulnerable code is present and reachable in the deployed environment.
The presence of a CVE does not necessarily mean that a system is exploitable or that all customer environments are affected.
CVE assessment and remediation decisions are based on risk, context, and practical impact rather than on CVE presence alone.

Note
The tables below list the images or libraries affected by CVEs identified in the latest security scan for each installation package. This information is reviewed and updated with each new packaging release.

Installation package 2.18.2+p2.18.5 Copied

Scan date: 11 June 2026

Note
The docker.itrsgroup.com/iax/loki:2.18.5 image is included only to support migrations from ITRS Analytics 2.17.x to 2.18.x when logs collection is enabled. If logs collection is not currently enabled, Loki is not installed. It is a temporary migration component and is not part of the long-term deployment. It will be removed once the ITRS Analytics 2.18.x installation is complete.

Container images	Severity	CVE	Subsystems
docker.itrsgroup.com/cgr/cert-manager-acmesolver:1.19-r51	High	CVE-2026-42504	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/cert-manager-controller:1.19-r51	High	CVE-2026-42504	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/cert-manager-startupapicheck:1.19-r46	High	CVE-2026-42504	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/cert-manager-webhook:1.19-r51	High	CVE-2026-42504	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/linkerd-controller:edge-26.4-r3	High	CVE-2024-40635 CVE-2026-46680 GHSA-265R-HFXG-FHMG	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/linkerd-proxy:edge-26.4-r4	High	CVE-2024-40635 CVE-2026-27140 CVE-2026-46680 GHSA-265R-HFXG-FHMG	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/trust-manager:0.20-r26	High	CVE-2026-27140 CVE-2026-33814	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/iax/backup-manager:2.18.5	High	CVE-2026-44249 CVE-2026-45416 CVE-2026-45674 CVE-2026-47691	Utility
docker.itrsgroup.com/iax/cgr-postgres:17-v3-r133	Critical	CVE-2026-8376	Service Mesh Database
docker.itrsgroup.com/iax/cgr-tools:5-v2-r101	High	CVE-2025-66418 CVE-2025-66471 CVE-2026-21441 CVE-2026-27140 CVE-2026-32280 CVE-2026-32281 CVE-2026-32283 CVE-2026-32316 CVE-2026-44432 CVE-2026-4519 CVE-2026-4786 CVE-2026-6100	Utility
docker.itrsgroup.com/iax/cgr-tools:5-v2-r134	High	CVE-2026-27140 CVE-2026-32280 CVE-2026-32281 CVE-2026-32283 CVE-2026-44432	Utility
docker.itrsgroup.com/iax/ch-migration:2.18.5	Critical	CVE-2026-8376	Platform services Database
docker.itrsgroup.com/iax/collection-agent:2.18.5	High	CVE-2026-44249 CVE-2026-44250 CVE-2026-44890 CVE-2026-44893 CVE-2026-45416 CVE-2026-45674 CVE-2026-46340 CVE-2026-47691	Collection
docker.itrsgroup.com/iax/dpd:2.18.5	Critical	CVE-2026-8376	Data pipeline
docker.itrsgroup.com/iax/final-entity-stream:2.18.5	Critical	CVE-2026-8376	Data pipeline
docker.itrsgroup.com/iax/intermediate-entity-stream:2.18.5	Critical	CVE-2026-8376	Data pipeline
docker.itrsgroup.com/iax/keycloak:2.18.5	High	CVE-2025-59250 CVE-2026-44249 CVE-2026-44893 CVE-2026-45416 CVE-2026-45674 CVE-2026-47691	Platform services
docker.itrsgroup.com/iax/loki:2.18.5	Critical	CVE-2022-23806 CVE-2023-24538 CVE-2023-24540 CVE-2024-24790 CVE-2024-45337 CVE-2025-68121 CVE-2026-33186	Installation Telemetry
docker.itrsgroup.com/iax/operator:2.18.5	High	CVE-2026-44249 CVE-2026-45416 CVE-2026-45674 CVE-2026-47691	Platform services
docker.itrsgroup.com/iax/platform-statusd:2.18.5	High	CVE-2026-44249 CVE-2026-45416 CVE-2026-45674 CVE-2026-47691	Platform services
docker.itrsgroup.com/iax/platformd:2.18.5	Critical	CVE-2026-8376	Platform services
docker.itrsgroup.com/iax/postgres:2.18.5	Critical	CVE-2026-8376	Database
docker.itrsgroup.com/iax/signals-stream:2.18.5	Critical	CVE-2026-8376	Data pipeline
docker.itrsgroup.com/iax/status-metrics-stream:2.18.5	Critical	CVE-2026-8376	Platform services Monitoring
docker.itrsgroup.com/iax/timescale:2.18.5	Critical	CVE-2026-8376	Database
docker.itrsgroup.com/obcerv/app/iax-app-ai-embabel:0.4.0	High	CVE-2026-35568 CVE-2026-44249 CVE-2026-45416	Application
docker.itrsgroup.com/obcerv/app/iax-app-ai-ui:0.4.0	High	CVE-2026-44249 CVE-2026-45416 CVE-2026-45674 CVE-2026-47691	Application
docker.itrsgroup.com/obcerv/app/iax-app-capacity-daemon:1.5.1	High	CVE-2026-32316	Application
docker.itrsgroup.com/obcerv/app/iax-app-capacity-ui:1.5.1	Critical	CVE-2026-41293 CVE-2026-41901 CVE-2026-43512 CVE-2026-43515	Application
docker.itrsgroup.com/obcerv/app/iax-app-iam-ui:1.6.0	Critical	CVE-2026-41293 CVE-2026-41901 CVE-2026-43512 CVE-2026-43515	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-commands-daemon:1.8.0	High	CVE-2026-32316	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-commands-ui:1.8.0	Critical	CVE-2026-41293 CVE-2026-41901 CVE-2026-43512 CVE-2026-43515	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-dashboard-ui:1.19.0	High	CVE-2026-44249 CVE-2026-45416 CVE-2026-45674 CVE-2026-47691	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-entities-ui:1.18.1	Critical	CVE-2026-41293 CVE-2026-41901 CVE-2026-43512 CVE-2026-43515	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-platform-tools-cli:1.15.0	High	CVE-2026-32316	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-traces-ui:1.3.0	Critical	CVE-2026-41293 CVE-2026-41901 CVE-2026-43512 CVE-2026-43515	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-webconsole:3.10.0	High	CVE-2026-32316 CVE-2026-44249 CVE-2026-45416 CVE-2026-45674 CVE-2026-47691	Application

Installation package 2.18.1+p2.18.3 Copied

Scan date: 21 May 2026

Note
The docker.itrsgroup.com/iax/loki:2.18.3 image is included only to support migrations from ITRS Analytics 2.17.x to 2.18.x when logs collection is enabled. If logs collection is not currently enabled, Loki is not installed. It is a temporary migration component and is not part of the long-term deployment. It will be removed once the ITRS Analytics 2.18.x installation is complete.

Container images	Severity	CVE	Subsystems
docker.itrsgroup.com/cgr/ingress-nginx-controller:1.13-r129	High	CVE-2026-42945	Networking
docker.itrsgroup.com/cgr/kube-webhook-certgen:1.13-r38	High	CVE-2026-42945	Networking
docker.itrsgroup.com/cgr/linkerd-cni-plugin:1.6-r59	High	CVE-2026-33814	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/trust-manager:0.20-r26	High	CVE-2026-27140 CVE-2026-33814	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/iax/backup-manager:2.18.3	High	CVE-2026-42579 CVE-2026-42583 CVE-2026-42584 CVE-2026-42587	Utility
docker.itrsgroup.com/iax/cgr-postgres:17-v3-r119	High	CVE-2025-66418 CVE-2025-66471 CVE-2026-21441 CVE-2026-42501	Service Mesh Database
docker.itrsgroup.com/iax/cgr-tools:5-v2-r101	High	CVE-2025-66418 CVE-2025-66471 CVE-2026-21441 CVE-2026-4519 CVE-2026-4786 CVE-2026-6100	Utility
docker.itrsgroup.com/iax/cgr-tools:5-v2-r122	High	CVE-2025-66418 CVE-2025-66471 CVE-2026-21441	Utility
docker.itrsgroup.com/iax/clickhouse:2.18.3	High	CVE-2026-33811 CVE-2026-33814 CVE-2026-39820 CVE-2026-39836 CVE-2026-42499	Database
docker.itrsgroup.com/iax/collection-agent:2.18.3	High	CVE-2026-42579 CVE-2026-42583 CVE-2026-42584 CVE-2026-42587	Collection
docker.itrsgroup.com/iax/etcd:2.18.3	High	CVE-2026-24051 CVE-2026-29181 CVE-2026-33811 CVE-2026-33814 CVE-2026-39836 CVE-2026-39883 CVE-2026-42501	Platform services
docker.itrsgroup.com/iax/iam-tools:2.18.3	High	CVE-2025-66418 CVE-2025-66471 CVE-2026-21441	Platform services
docker.itrsgroup.com/iax/itrs-docs-index-faiss:0.1.0	High	CVE-2025-66418 CVE-2025-66471 CVE-2026-21441 CVE-2026-41066 CVE-2026-44431 CVE-2026-44432 CVE-2026-4519 CVE-2026-4786 CVE-2026-6100	Application
docker.itrsgroup.com/iax/kafka:2.18.3	Critical	CVE-2026-2332	Platform services
docker.itrsgroup.com/iax/keycloak:2.18.3	High	CVE-2025-59250 CVE-2026-39852 CVE-2026-42198 CVE-2026-42577 CVE-2026-42579 CVE-2026-42583 CVE-2026-42584 CVE-2026-42587 CVE-2026-5598	Platform services
docker.itrsgroup.com/iax/loki:2.18.3	Critical	CVE-2022-23806 CVE-2023-24538 CVE-2023-24540 CVE-2024-24790 CVE-2024-45337 CVE-2025-68121 CVE-2026-33186	Installation Telemetry
docker.itrsgroup.com/iax/operator:2.18.3	High	CVE-2026-33811 CVE-2026-33814 CVE-2026-39820 CVE-2026-39836 CVE-2026-42499 CVE-2026-42579 CVE-2026-42583 CVE-2026-42584 CVE-2026-42587	Platform services
docker.itrsgroup.com/iax/platform-statusd:2.18.3	High	CVE-2026-42579 CVE-2026-42583 CVE-2026-42584 CVE-2026-42587	Platform services
docker.itrsgroup.com/iax/platform-tools:2.18.3	High	CVE-2025-66418 CVE-2025-66471 CVE-2026-21441	Utility
docker.itrsgroup.com/iax/postgres:2.18.3	High	CVE-2025-66418 CVE-2025-66471 CVE-2026-21441 CVE-2026-42501	Database
docker.itrsgroup.com/iax/timescale:2.18.3	High	CVE-2025-66418 CVE-2025-66471 CVE-2026-21441 CVE-2026-33811 CVE-2026-33814 CVE-2026-39820 CVE-2026-39836 CVE-2026-42499 CVE-2026-42501	Database
docker.itrsgroup.com/obcerv/app/iax-app-ai-spring-ai:0.3.0	Critical	CVE-2026-41293 CVE-2026-43512 CVE-2026-43515	Application

Installation package 2.18.0+p2.18.3 Copied

Scan date: 6 May 2026

Note
The docker.itrsgroup.com/iax/loki:2.18.3 image is included only to support migrations from ITRS Analytics 2.17.x to 2.18.x when logs collection is enabled. If logs collection is not currently enabled, Loki is not installed. It is a temporary migration component and is not part of the long-term deployment. It will be removed once the ITRS Analytics 2.18.x installation is complete.

Container images	Severity	CVE	Subsystems
docker.itrsgroup.com/cgr/trust-manager:0.20-r26	High	CVE-2026-27140 CVE-2026-32280 CVE-2026-32281 CVE-2026-32283	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/iax/cgr-postgres:17-v3-r89	High	CVE-2026-27140 CVE-2026-4519 CVE-2026-4786 CVE-2026-6100	Service Mesh Database
docker.itrsgroup.com/iax/cgr-tools:5-v2-r101	High	CVE-2026-4519 CVE-2026-4786 CVE-2026-6100	Utility
docker.itrsgroup.com/iax/cgr-tools:5-v2-r96	High	CVE-2026-34986 CVE-2026-4519 CVE-2026-4786 CVE-2026-6100	Utility
docker.itrsgroup.com/iax/etcd:2.18.3	High	CVE-2026-24051 CVE-2026-29181 CVE-2026-39883	Platform services
docker.itrsgroup.com/iax/itrs-docs-index-faiss:0.1.0	High	CVE-2026-41066 CVE-2026-4519 CVE-2026-4786 CVE-2026-6100	Application
docker.itrsgroup.com/iax/kafka:2.18.3	Critical	CVE-2026-2332	Platform services
docker.itrsgroup.com/iax/keycloak:2.18.3	High	CVE-2025-59250 CVE-2026-2603	Platform services
docker.itrsgroup.com/iax/loki:2.18.3	Critical	CVE-2022-23806 CVE-2023-24538 CVE-2023-24540 CVE-2024-24790 CVE-2024-45337 CVE-2025-68121 CVE-2026-33186	Installation Telemetry
docker.itrsgroup.com/obcerv/app/iax-app-ai-spring-ai:0.3.0	High	CVE-2026-35568	Application
docker.itrsgroup.com/replicated/replicated-tools:2.3.0	High	CVE-2026-25679 CVE-2026-32280 CVE-2026-32281 CVE-2026-32283 CVE-2026-35469	Installation Telemetry

Installation package 2.17.12 Copied

Scan date: 29 April 2026

Container images	Severity	CVE	Subsystems
docker.itrsgroup.com/cgr/cert-manager-acmesolver:1.19-r34	High	CVE-2026-24051 CVE-2026-34986 CVE-2026-39883	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/cert-manager-startupapicheck:1.19-r30	High	CVE-2026-24051 CVE-2026-34986 CVE-2026-39883	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/ingress-nginx-controller:1.13-r87	High	CVE-2026-27140 CVE-2026-32280 CVE-2026-32281 CVE-2026-32283 CVE-2026-33810	Networking
docker.itrsgroup.com/cgr/kube-webhook-certgen:1.13-r27	High	CVE-2026-27140 CVE-2026-32280 CVE-2026-32281 CVE-2026-32283 CVE-2026-33810	Networking
docker.itrsgroup.com/cgr/linkerd-cni-plugin:1.6-r36	High	CVE-2026-27140 CVE-2026-32280 CVE-2026-32281 CVE-2026-32283	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/linkerd-controller:edge-25.11-r7	Critical	CVE-2025-68121 CVE-2026-33186	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/linkerd-proxy:edge-25.11-r11	Critical	CVE-2025-15467 CVE-2025-68121 CVE-2026-33186	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/trust-manager:0.20-r26	High	CVE-2026-27140 CVE-2026-32280 CVE-2026-32281 CVE-2026-32283	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/iax/cgr-postgres:17.6-v2-r7	Critical	CVE-2025-15467	Service Mesh Database
docker.itrsgroup.com/iax/cgr-tools:5	Critical	CVE-2025-15467 CVE-2025-68121 CVE-2026-33186	Utility
docker.itrsgroup.com/iax/keycloak:2.17.7	Critical	CVE-2025-59250 CVE-2026-2603	Platform services
docker.itrsgroup.com/iax/loki:2.17.7	Critical	CVE-2022-23806 CVE-2023-24538 CVE-2023-24540 CVE-2024-24790 CVE-2024-45337 CVE-2025-68121 CVE-2026-33186	Installation Telemetry
docker.itrsgroup.com/obcerv/app/iax-app-ai-faiss:0.2.0	High	CVE-2026-40192 CVE-2026-41066 CVE-2026-4519 CVE-2026-4786 CVE-2026-6100	Application
docker.itrsgroup.com/obcerv/app/iax-app-ai-spring-ai:0.2.0	Critical	CVE-2026-22732 CVE-2026-29145 CVE-2026-33701	Application
docker.itrsgroup.com/obcerv/app/iax-app-ai-ui:0.2.0	Critical	CVE-2026-22732 CVE-2026-29145 CVE-2026-33701 CVE-2026-40477 CVE-2026-40478	Application
docker.itrsgroup.com/obcerv/app/iax-app-capacity-daemon:1.4.3	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/iax-app-iam-ui:1.5.0	Critical	CVE-2025-15467 CVE-2026-22732 CVE-2026-29145 CVE-2026-40477 CVE-2026-40478	Application
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-cleanup-client:1.6.2	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-daemon:1.6.2	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-ui:1.6.2	Critical	CVE-2025-15467 CVE-2026-22732 CVE-2026-29145 CVE-2026-40477 CVE-2026-40478	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-alerting-ui:2.10.0	Critical	CVE-2025-15467 CVE-2026-22732 CVE-2026-29145 CVE-2026-40477 CVE-2026-40478	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-api-gateway:2.8.0	Critical	CVE-2025-15467 CVE-2026-22732 CVE-2026-29145 CVE-2026-40477 CVE-2026-40478	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-audit-ui:1.2.0	Critical	CVE-2025-15467 CVE-2026-22732 CVE-2026-29145 CVE-2026-40477 CVE-2026-40478	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-entities-daemon:2.5.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-metrics-daemon:2.5.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-ui:2.5.1	Critical	CVE-2025-15467 CVE-2026-22732 CVE-2026-29145 CVE-2026-40477 CVE-2026-40478	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-daemon:2.5.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-rest-server:2.5.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-ui:2.5.1	Critical	CVE-2025-15467 CVE-2026-22732 CVE-2026-29145 CVE-2026-40477 CVE-2026-40478	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-commands-daemon:1.7.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-commands-ui:1.7.1	Critical	CVE-2025-15467 CVE-2026-22732 CVE-2026-29145 CVE-2026-40477 CVE-2026-40478	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-dashboard-ui:1.17.1	Critical	CVE-2025-15467 CVE-2026-22732 CVE-2026-29145 CVE-2026-40477 CVE-2026-40478	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-entities-ui:1.16.4	Critical	CVE-2025-15467 CVE-2026-22732 CVE-2026-29145 CVE-2026-40477 CVE-2026-40478	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-fixmonitor-bff-daemon:2.13.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-fixmonitor-ui:2.13.1	Critical	CVE-2025-15467 CVE-2026-22732 CVE-2026-29145 CVE-2026-40477 CVE-2026-40478	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-ingestion-ui:2.8.2	Critical	CVE-2025-15467 CVE-2026-22732 CVE-2026-29145 CVE-2026-40477 CVE-2026-40478	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-notifications-notifier-daemon:3.10.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-notifications-ui:3.10.1	Critical	CVE-2025-15467 CVE-2026-22732 CVE-2026-29145 CVE-2026-40477 CVE-2026-40478	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-platform-tools-cli:1.13.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-bff-daemon:2.22.5	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-bff-intelli-views-daemon:2.22.5	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-sink-daemon:2.22.5	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-signal-forecaster-daemon:2.11.2	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-signal-forecaster-ui:2.11.2	Critical	CVE-2025-15467 CVE-2026-22732 CVE-2026-29145 CVE-2026-40477 CVE-2026-40478	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-traces-ui:1.2.2	Critical	CVE-2025-15467 CVE-2026-22732 CVE-2026-29145 CVE-2026-40477 CVE-2026-40478	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-webconsole:3.8.1	Critical	CVE-2025-15467 CVE-2026-22732 CVE-2026-29145 CVE-2026-40477 CVE-2026-40478	Application
docker.itrsgroup.com/replicated/replicated-tools:2.2.0	High	CVE-2026-25679 CVE-2026-32280 CVE-2026-32281 CVE-2026-32283 CVE-2026-35469	Installation Telemetry

Installation package 2.17.11 Copied

Scan date: 1 April 2026

Container images	Severity	CVE	Subsystems
docker.itrsgroup.com/cgr/ingress-nginx-controller:1.13-r87	Critical	CVE-2026-33186	Networking
docker.itrsgroup.com/cgr/linkerd-cni-plugin:1.6-r36	High	CVE-2026-4437	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/linkerd-controller:edge-25.11-r7	Critical	CVE-2025-68121 CVE-2026-33186	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/linkerd-proxy:edge-25.11-r11	Critical	CVE-2025-15467 CVE-2025-68121 CVE-2026-33186	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/trust-manager:0.20-r26	High	CVE-2026-25679	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/iax/backup-manager:2.17.6	Critical	CVE-2026-33701	Utility
docker.itrsgroup.com/iax/cgr-postgres:17.6-v2-r7	Critical	CVE-2025-15467	Service Mesh Database
docker.itrsgroup.com/iax/cgr-tools:5	Critical	CVE-2025-15467 CVE-2025-68121 CVE-2026-33186	Utility
docker.itrsgroup.com/iax/clickhouse-schema:2.17.6	High	CVE-2026-2673	Database
docker.itrsgroup.com/iax/clickhouse:2.17.6	High	CVE-2026-2673	Database
docker.itrsgroup.com/iax/collection-agent-privileged:2.17.6	Critical	CVE-2026-33701	Collection
docker.itrsgroup.com/iax/collection-agent:2.17.6	Critical	CVE-2026-33701	Collection
docker.itrsgroup.com/iax/configuration-installer:2.17.6	Critical	CVE-2026-33701	Platform services
docker.itrsgroup.com/iax/data-pipeline-utility:2.17.6	Critical	CVE-2026-33701	Utility
docker.itrsgroup.com/iax/downsampled-metrics-stream:2.17.6	Critical	CVE-2026-33701	Data pipeline
docker.itrsgroup.com/iax/dpd:2.17.6	Critical	CVE-2026-33701	Data pipeline
docker.itrsgroup.com/iax/etcd:2.17.6	Critical	CVE-2026-33186	Platform services
docker.itrsgroup.com/iax/final-entity-stream:2.17.6	Critical	CVE-2026-33701	Data pipeline
docker.itrsgroup.com/iax/iam-tools:2.17.6	Critical	CVE-2026-33186	Platform services
docker.itrsgroup.com/iax/iamd:2.17.6	Critical	CVE-2026-33701	Platform services
docker.itrsgroup.com/iax/intermediate-entity-stream:2.17.6	Critical	CVE-2026-33701	Data pipeline
docker.itrsgroup.com/iax/kafka-health-check:2.17.6	Critical	CVE-2026-33701	Platform services
docker.itrsgroup.com/iax/kafka:2.17.6	High	CVE-2025-67030	Platform services
docker.itrsgroup.com/iax/keycloak:2.17.6	High	CVE-2025-59250	Platform services
docker.itrsgroup.com/iax/latest-metrics:2.17.6	Critical	CVE-2026-33701	Data pipeline
docker.itrsgroup.com/iax/licenced:2.17.6	Critical	CVE-2026-33701	Platform services
docker.itrsgroup.com/iax/loki:2.17.6	Critical	CVE-2021-3711 CVE-2021-38297 CVE-2022-23806 CVE-2022-37434 CVE-2022-48174 CVE-2023-24531 CVE-2023-24538 CVE-2023-24540 CVE-2023-29402 CVE-2023-29404 CVE-2023-29405 CVE-2023-45853 CVE-2024-24790 CVE-2024-45337 CVE-2024-5535 CVE-2025-22871 CVE-2025-68121 CVE-2026-33186	Installation Telemetry
docker.itrsgroup.com/iax/metrics-forecastd:2.17.6	High	CVE-2026-27135	Utility
docker.itrsgroup.com/iax/operator:2.17.6	Critical	CVE-2026-33701	Platform services
docker.itrsgroup.com/iax/platform-statusd:2.17.6	Critical	CVE-2026-33701	Platform services
docker.itrsgroup.com/iax/platform-tools:2.17.6	Critical	CVE-2026-33186	Utility
docker.itrsgroup.com/iax/platformd:2.17.6	Critical	CVE-2026-33701	Platform services
docker.itrsgroup.com/iax/postgres:2.17.6	High	CVE-2026-27135	Database
docker.itrsgroup.com/iax/signals-stream:2.17.6	Critical	CVE-2026-33701	Data pipeline
docker.itrsgroup.com/iax/sinkd:2.17.6	Critical	CVE-2026-33701	Data pipeline
docker.itrsgroup.com/iax/timescale-health-check:2.17.6	Critical	CVE-2026-33701	Platform services
docker.itrsgroup.com/iax/timescale-schema:2.17.6	Critical	CVE-2026-33186	Database
docker.itrsgroup.com/iax/timescale:2.17.6	High	CVE-2026-27135	Database
docker.itrsgroup.com/obcerv/app/iax-app-ai-faiss:0.2.0	High	CVE-2026-2673	Application
docker.itrsgroup.com/obcerv/app/iax-app-ai-spring-ai:0.2.0	Critical	CVE-2026-22732	Application
docker.itrsgroup.com/obcerv/app/iax-app-ai-ui:0.2.0	Critical	CVE-2026-22732	Application
docker.itrsgroup.com/obcerv/app/iax-app-capacity-daemon:1.4.3	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/iax-app-capacity-ui:1.4.3	Critical	CVE-2025-66614 CVE-2026-22732	Application
docker.itrsgroup.com/obcerv/app/iax-app-iam-ui:1.5.0	Critical	CVE-2025-15467 CVE-2025-66614 CVE-2026-22732	Application
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-cleanup-client:1.6.2	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-daemon:1.6.2	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-ui:1.6.2	Critical	CVE-2025-15467 CVE-2025-66614 CVE-2026-22732	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-alerting-ui:2.10.0	Critical	CVE-2025-15467 CVE-2025-66614 CVE-2026-22732	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-api-gateway:2.8.0	Critical	CVE-2025-15467 CVE-2025-66614 CVE-2026-22732	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-audit-ui:1.2.0	Critical	CVE-2025-15467 CVE-2025-66614 CVE-2026-22732	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-entities-daemon:2.5.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-metrics-daemon:2.5.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-ui:2.5.1	Critical	CVE-2025-15467 CVE-2025-66614 CVE-2026-22732	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-daemon:2.5.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-rest-server:2.5.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-ui:2.5.1	Critical	CVE-2025-15467 CVE-2025-66614 CVE-2026-22732	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-commands-daemon:1.7.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-commands-ui:1.7.1	Critical	CVE-2025-15467 CVE-2025-66614 CVE-2026-22732	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-dashboard-ui:1.17.1	Critical	CVE-2025-15467 CVE-2025-66614 CVE-2026-22732	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-entities-ui:1.16.4	Critical	CVE-2025-15467 CVE-2025-66614 CVE-2026-22732	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-fixmonitor-bff-daemon:2.13.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-fixmonitor-ui:2.13.1	Critical	CVE-2025-15467 CVE-2025-66614 CVE-2026-22732	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-ingestion-ui:2.8.2	Critical	CVE-2025-15467 CVE-2025-66614 CVE-2026-22732	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-notifications-notifier-daemon:3.10.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-notifications-ui:3.10.1	Critical	CVE-2025-15467 CVE-2025-66614 CVE-2026-22732	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-platform-tools-cli:1.13.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-bff-daemon:2.22.5	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-bff-intelli-views-daemon:2.22.5	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-sink-daemon:2.22.5	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-signal-forecaster-daemon:2.11.2	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-signal-forecaster-ui:2.11.2	Critical	CVE-2025-15467 CVE-2025-66614 CVE-2026-22732	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-traces-ui:1.2.2	Critical	CVE-2025-15467 CVE-2025-66614 CVE-2026-22732	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-webconsole:3.8.1	Critical	CVE-2025-15467 CVE-2025-66614 CVE-2026-22732	Application
docker.itrsgroup.com/replicated/replicated-tools:2.0.1	High	CVE-2026-25679	Installation Telemetry
proxy.itrsgroup.com/library/replicated-sdk-image:1.17.1	Critical	CVE-2026-33186	Installation Telemetry

Installation package 2.17.10 Copied

Scan date: 25 March 2026

Container images	Severity	CVE	Subsystems
docker.itrsgroup.com/cgr/cert-manager-acmesolver:1.19-r30	Critical	CVE-2024-24790 CVE-2026-33186	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/cert-manager-cainjector:1.19-r30	Critical	CVE-2024-24790 CVE-2026-33186	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/cert-manager-controller:1.19-r30	Critical	CVE-2023-24538 CVE-2023-24540 CVE-2024-24790 CVE-2026-33186	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/cert-manager-startupapicheck:1.19-r28	Critical	CVE-2024-24790 CVE-2026-33186	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/cert-manager-webhook:1.19-r30	Critical	CVE-2023-24538 CVE-2023-24540 CVE-2024-24790 CVE-2026-33186	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/ingress-nginx-controller:1.13-r74	Critical	CVE-2022-23806 CVE-2024-24790	Networking
docker.itrsgroup.com/cgr/kube-webhook-certgen:1.13-r24	Critical	CVE-2022-23806 CVE-2024-24790	Networking
docker.itrsgroup.com/cgr/linkerd-cni-plugin:1.6-r36	Critical	CVE-2019-14809 CVE-2022-23806 CVE-2024-24790	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/linkerd-controller:edge-25.11-r7	Critical	CVE-2025-68121 CVE-2026-33186	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/linkerd-proxy:edge-25.11-r11	Critical	CVE-2025-15467 CVE-2025-68121 CVE-2026-33186	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/trust-manager:0.20-r26	Critical	CVE-2015-5739 CVE-2019-14809 CVE-2022-23806	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/iax/backup-manager:2.17.6	High	CVE-2026-27135	Utility
docker.itrsgroup.com/iax/cgr-postgres:17.6-v2-r7	Critical	CVE-2025-15467	Service Mesh Database
docker.itrsgroup.com/iax/cgr-tools:5	Critical	CVE-2019-14809 CVE-2022-23806 CVE-2023-24538 CVE-2023-24540 CVE-2025-15467 CVE-2025-68121 CVE-2026-33186	Utility
docker.itrsgroup.com/iax/clickhouse-schema:2.17.6	High	CVE-2026-2673 CVE-2026-27135	Database
docker.itrsgroup.com/iax/clickhouse:2.17.6	High	CVE-2026-2673 CVE-2026-27135	Database
docker.itrsgroup.com/iax/collection-agent-privileged:2.17.6	High	CVE-2026-27135	Collection
docker.itrsgroup.com/iax/collection-agent:2.17.6	High	CVE-2026-27135	Collection
docker.itrsgroup.com/iax/configuration-installer:2.17.6	High	CVE-2026-27135	Platform services
docker.itrsgroup.com/iax/data-pipeline-utility:2.17.6	High	CVE-2026-27135	Utility
docker.itrsgroup.com/iax/downsampled-metrics-stream:2.17.6	High	CVE-2026-27135	Data pipeline
docker.itrsgroup.com/iax/dpd:2.17.6	High	CVE-2026-27135	Data pipeline
docker.itrsgroup.com/iax/etcd:2.17.6	Critical	CVE-2026-33186	Platform services
docker.itrsgroup.com/iax/final-entity-stream:2.17.6	High	CVE-2026-27135	Data pipeline
docker.itrsgroup.com/iax/iam-tools:2.17.6	Critical	CVE-2019-14809 CVE-2022-23806 CVE-2023-24538 CVE-2023-24540 CVE-2026-33186	Utility
docker.itrsgroup.com/iax/iamd:2.17.6	High	CVE-2026-27135	Platform services
docker.itrsgroup.com/iax/intermediate-entity-stream:2.17.6	High	CVE-2026-27135	Data pipeline
docker.itrsgroup.com/iax/kafka-health-check:2.17.6	High	CVE-2026-27135	Data pipeline
docker.itrsgroup.com/iax/kafka:2.17.6	Critical	CVE-2017-7657 CVE-2017-7658	Data pipeline
docker.itrsgroup.com/iax/keycloak:2.17.6	Critical	CVE-2021-42575	Platform services
docker.itrsgroup.com/iax/latest-metrics:2.17.6	High	CVE-2026-27135	Data pipeline
docker.itrsgroup.com/iax/licenced:2.17.6	High	CVE-2026-27135	Platform services
docker.itrsgroup.com/iax/loki:2.17.6	Critical	CVE-2021-3711 CVE-2021-38297 CVE-2022-23806 CVE-2022-37434 CVE-2022-48174 CVE-2023-24531 CVE-2023-24538 CVE-2023-24540 CVE-2023-29402 CVE-2023-29404 CVE-2023-29405 CVE-2023-45853 CVE-2024-24790 CVE-2024-45337 CVE-2024-5535 CVE-2025-22871 CVE-2025-68121 CVE-2026-33186	Logs and audit
docker.itrsgroup.com/iax/metrics-forecastd:2.17.6	Critical	CVE-2026-27135 GHSA-394x-vwmw-crm3 GHSA-9f94-5g5w-gf6r	Data pipeline
docker.itrsgroup.com/iax/operator:2.17.6	High	CVE-2026-25679 CVE-2026-27135	Platform services
docker.itrsgroup.com/iax/platform-statusd:2.17.6	High	CVE-2026-27135	Platform services
docker.itrsgroup.com/iax/platform-tools:2.17.6	Critical	CVE-2019-14809 CVE-2022-23806 CVE-2023-24538 CVE-2023-24540 CVE-2026-33186	Utility
docker.itrsgroup.com/iax/platformd:2.17.6	High	CVE-2026-27135	Platform services
docker.itrsgroup.com/iax/postgres:2.17.6	High	CVE-2026-27135	Database
docker.itrsgroup.com/iax/signals-stream:2.17.6	High	CVE-2026-27135	Data pipeline
docker.itrsgroup.com/iax/sinkd:2.17.6	High	CVE-2026-27135	Data pipeline
docker.itrsgroup.com/iax/timescale-health-check:2.17.6	High	CVE-2026-27135	Database
docker.itrsgroup.com/iax/timescale-schema:2.17.6	Critical	CVE-2019-14809 CVE-2022-23806 CVE-2023-24538 CVE-2023-24540 CVE-2026-33186	Database
docker.itrsgroup.com/iax/timescale:2.17.6	High	CVE-2026-27135	Database
docker.itrsgroup.com/obcerv/app/iax-app-capacity-daemon:1.4.3	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/iax-app-capacity-ui:1.4.3	Critical	CVE-2025-66614 CVE-2026-22732	Application
docker.itrsgroup.com/obcerv/app/iax-app-iam-ui:1.5.0	Critical	CVE-2025-15467 CVE-2025-66614 CVE-2026-22732	Application
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-cleanup-client:1.6.2	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-daemon:1.6.2	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-ui:1.6.2	Critical	CVE-2025-15467 CVE-2025-66614 CVE-2026-22732	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-alerting-ui:2.10.0	Critical	CVE-2025-15467 CVE-2025-66614 CVE-2026-22732	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-api-gateway:2.8.0	Critical	CVE-2025-15467 CVE-2025-66614 CVE-2026-22732	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-audit-ui:1.2.0	Critical	CVE-2025-15467 CVE-2025-66614 CVE-2026-22732	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-entities-daemon:2.5.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-metrics-daemon:2.5.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-ui:2.5.1	Critical	CVE-2025-15467 CVE-2025-66614 CVE-2026-22732	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-daemon:2.5.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-rest-server:2.5.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-ui:2.5.1	Critical	CVE-2025-15467 CVE-2025-66614 CVE-2026-22732	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-commands-daemon:1.7.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-commands-ui:1.7.1	Critical	CVE-2025-15467 CVE-2025-66614 CVE-2026-22732	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-dashboard-ui:1.17.1	Critical	CVE-2025-15467 CVE-2025-66614 CVE-2026-22732	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-entities-ui:1.16.4	Critical	CVE-2025-15467 CVE-2025-66614 CVE-2026-22732	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-fixmonitor-bff-daemon:2.13.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-fixmonitor-ui:2.13.1	Critical	CVE-2025-15467 CVE-2025-66614 CVE-2026-22732	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-ingestion-ui:2.8.2	Critical	CVE-2025-66614 CVE-2026-22732	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-notifications-notifier-daemon:3.10.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-notifications-ui:3.10.1	Critical	CVE-2025-15467 CVE-2025-66614 CVE-2026-22732	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-platform-tools-cli:1.13.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-bff-daemon:2.22.4	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-bff-intelli-views-daemon:2.22.4	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-sink-daemon:2.22.4	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-signal-forecaster-daemon:2.11.2	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-signal-forecaster-ui:2.11.2	Critical	CVE-2025-15467 CVE-2025-66614 CVE-2026-22732	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-traces-ui:1.2.2	Critical	CVE-2025-15467 CVE-2025-66614 CVE-2026-22732	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-webconsole:3.8.1	Critical	CVE-2025-15467 CVE-2025-66614 CVE-2026-22732	Application
docker.itrsgroup.com/replicated/replicated-tools:2.0.1	High	CVE-2026-25679	Installation Telemetry
proxy.itrsgroup.com/library/replicated-sdk-image:1.17.1	Critical	CVE-2022-23806 CVE-2023-24538 CVE-2023-24540 CVE-2024-24790 CVE-2025-68121 CVE-2026-33186	Installation Telemetry

Installation package 2.17.9 Copied

Scan date: 17 March 2026

Container images	Severity	CVE	Subsystems
docker.itrsgroup.com/cgr/cert-manager-acmesolver:1.19-r28	Critical	CVE-2024-24790	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/cert-manager-cainjector:1.19-r28	Critical	CVE-2024-24790	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/cert-manager-controller:1.19-r28	Critical	CVE-2023-24538 CVE-2023-24540 CVE-2024-24790	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/cert-manager-startupapicheck:1.19-r25	Critical	CVE-2024-24790	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/cert-manager-webhook:1.19-r28	Critical	CVE-2023-24538 CVE-2023-24540 CVE-2024-24790	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/ingress-nginx-controller:1.13-r70	Critical	CVE-2022-23806 CVE-2024-24790	Networking
docker.itrsgroup.com/cgr/kube-webhook-certgen:1.13-r22	Critical	CVE-2022-23806 CVE-2024-24790	Networking
docker.itrsgroup.com/cgr/linkerd-cni-plugin:1.6-r32	Critical	CVE-2019-14809 CVE-2022-23806 CVE-2024-24790	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/linkerd-controller:edge-25.11-r7	Critical	CVE-2025-68121	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/linkerd-proxy:edge-25.11-r11	Critical	CVE-2025-15467 CVE-2025-68121	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/trust-manager:0.20-r26	Critical	CVE-2015-5739 CVE-2019-14809 CVE-2022-23806	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/iax/backup-manager:2.17.5	High	CVE-2026-3805 GHSA-72HV-8253-57QQ	Utility
docker.itrsgroup.com/iax/cgr-postgres:17.6-v2-r7	Critical	CVE-2025-15467	Service Mesh Database
docker.itrsgroup.com/iax/cgr-tools:5	Critical	CVE-2019-14809 CVE-2022-23806 CVE-2023-24538 CVE-2023-24540 CVE-2025-15467 CVE-2025-68121	Utility
docker.itrsgroup.com/iax/clickhouse-schema:2.17.5	High	CVE-2026-3805	Database
docker.itrsgroup.com/iax/collection-agent-privileged:2.17.5	High	CVE-2026-3805 GHSA-72HV-8253-57QQ	Collection
docker.itrsgroup.com/iax/collection-agent:2.17.5	High	CVE-2026-3805 GHSA-72HV-8253-57QQ	Collection
docker.itrsgroup.com/iax/configuration-installer:2.17.5	High	CVE-2026-3805 GHSA-72HV-8253-57QQ	Platform services
docker.itrsgroup.com/iax/data-pipeline-utility:2.17.5	High	CVE-2026-3805 GHSA-72HV-8253-57QQ	Utility
docker.itrsgroup.com/iax/downsampled-metrics-stream:2.17.5	High	CVE-2026-3805 GHSA-72HV-8253-57QQ	Data pipeline
docker.itrsgroup.com/iax/dpd:2.17.5	High	CVE-2026-3805 GHSA-72HV-8253-57QQ	Data pipeline
docker.itrsgroup.com/iax/etcd:2.17.5	High	CVE-2026-25679 CVE-2026-27142	Platform services
docker.itrsgroup.com/iax/final-entity-stream:2.17.5	High	CVE-2026-3805 GHSA-72HV-8253-57QQ	Data pipeline
docker.itrsgroup.com/iax/iam-tools:2.17.5	Critical	CVE-2019-14809 CVE-2022-23806 CVE-2023-24538 CVE-2023-24540	Utility
docker.itrsgroup.com/iax/iamd:2.17.5	High	CVE-2026-3805 GHSA-72HV-8253-57QQ	Platform services
docker.itrsgroup.com/iax/intermediate-entity-stream:2.17.5	High	CVE-2026-3805 GHSA-72HV-8253-57QQ	Data pipeline
docker.itrsgroup.com/iax/kafka-health-check:2.17.5	High	CVE-2026-3805 GHSA-72HV-8253-57QQ	Data pipeline
docker.itrsgroup.com/iax/kafka:2.17.5	Critical	CVE-2017-7657 CVE-2017-7658	Data pipeline
docker.itrsgroup.com/iax/keycloak:2.17.5	Critical	CVE-2021-42575	Platform services
docker.itrsgroup.com/iax/latest-metrics:2.17.5	High	CVE-2026-3805 GHSA-72HV-8253-57QQ	Data pipeline
docker.itrsgroup.com/iax/licenced:2.17.5	High	CVE-2026-3805 GHSA-72HV-8253-57QQ	Platform services
docker.itrsgroup.com/iax/loki:2.17.5	Critical	CVE-2021-3711 CVE-2021-38297 CVE-2022-23806 CVE-2022-37434 CVE-2022-48174 CVE-2023-24531 CVE-2023-24538 CVE-2023-24540 CVE-2023-29402 CVE-2023-29404 CVE-2023-29405 CVE-2023-45853 CVE-2024-24790 CVE-2024-45337 CVE-2024-5535 CVE-2025-22871 CVE-2025-68121	Logs and audit
docker.itrsgroup.com/iax/metrics-forecastd:2.17.5	High	CVE-2026-31812 GHSA-65P9-R9H6-22VJ GHSA-HFPC-8R3F-GW53 GHSA-VW5V-4F2Q-W9XF	Data pipeline
docker.itrsgroup.com/iax/operator:2.17.5	High	CVE-2026-25679 CVE-2026-27142 CVE-2026-3805 GHSA-72HV-8253-57QQ	Platform services
docker.itrsgroup.com/iax/platform-statusd:2.17.5	High	CVE-2026-3805 GHSA-72HV-8253-57QQ	Platform services
docker.itrsgroup.com/iax/platform-tools:2.17.5	Critical	CVE-2019-14809 CVE-2022-23806 CVE-2023-24538 CVE-2023-24540	Utility
docker.itrsgroup.com/iax/platformd:2.17.5	High	CVE-2026-3805 GHSA-72HV-8253-57QQ	Platform services
docker.itrsgroup.com/iax/postgres:2.17.5	High	CVE-2026-25679 CVE-2026-27142 CVE-2026-3805	Database
docker.itrsgroup.com/iax/signals-stream:2.17.5	High	CVE-2026-3805 GHSA-72HV-8253-57QQ	Data pipeline
docker.itrsgroup.com/iax/sinkd:2.17.5	High	CVE-2026-3805 GHSA-72HV-8253-57QQ	Data pipeline
docker.itrsgroup.com/iax/timescale-health-check:2.17.5	High	CVE-2026-3805 GHSA-72HV-8253-57QQ	Database
docker.itrsgroup.com/iax/timescale-schema:2.17.5	Critical	CVE-2019-14809 CVE-2022-23806 CVE-2023-24538 CVE-2023-24540	Database
docker.itrsgroup.com/iax/timescale:2.17.5	High	CVE-2026-25679 CVE-2026-27142 CVE-2026-3805	Database
docker.itrsgroup.com/obcerv/app/iax-app-capacity-daemon:1.4.3	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/iax-app-capacity-ui:1.4.3	Critical	CVE-2025-15467 CVE-2025-66614	Application
docker.itrsgroup.com/obcerv/app/iax-app-iam-ui:1.5.0	Critical	CVE-2025-15467 CVE-2025-66614	Application
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-cleanup-client:1.6.2	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-daemon:1.6.2	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-ui:1.6.2	Critical	CVE-2025-15467 CVE-2025-66614	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-alerting-ui:2.10.0	Critical	CVE-2025-15467 CVE-2025-66614	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-api-gateway:2.8.0	Critical	CVE-2025-15467 CVE-2025-66614	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-audit-ui:1.2.0	Critical	CVE-2025-15467 CVE-2025-66614	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-entities-daemon:2.5.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-metrics-daemon:2.5.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-ui:2.5.1	Critical	CVE-2025-15467 CVE-2025-66614	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-daemon:2.5.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-rest-server:2.5.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-ui:2.5.1	Critical	CVE-2025-15467 CVE-2025-66614	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-commands-daemon:1.7.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-commands-ui:1.7.1	Critical	CVE-2025-15467 CVE-2025-66614	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-dashboard-ui:1.17.1	Critical	CVE-2025-15467 CVE-2025-66614	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-entities-ui:1.16.4	Critical	CVE-2025-15467 CVE-2025-66614	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-fixmonitor-bff-daemon:2.13.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-fixmonitor-ui:2.13.1	Critical	CVE-2025-15467 CVE-2025-66614	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-ingestion-ui:2.8.1	Critical	CVE-2025-15467 CVE-2025-66614	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-notifications-notifier-daemon:3.10.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-notifications-ui:3.10.1	Critical	CVE-2025-15467 CVE-2025-66614	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-platform-tools-cli:1.13.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-bff-daemon:2.22.4	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-bff-intelli-views-daemon:2.22.4	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-sink-daemon:2.22.4	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-signal-forecaster-daemon:2.11.2	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-signal-forecaster-ui:2.11.2	Critical	CVE-2025-15467 CVE-2025-66614	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-traces-ui:1.2.2	Critical	CVE-2025-15467 CVE-2025-66614	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-webconsole:3.8.1	Critical	CVE-2025-15467 CVE-2025-66614	Application
docker.itrsgroup.com/replicated/replicated-tools:2.0.1	High	CVE-2026-25679 CVE-2026-27142	Installation Telemetry
proxy.itrsgroup.com/library/replicated-sdk-image:1.17.1	Critical	CVE-2022-23806 CVE-2023-24538 CVE-2023-24540 CVE-2024-24790 CVE-2025-68121	Installation Telemetry

Installation package 2.17.8 Copied

Scan date: 4 March 2026

Container images	Severity	CVE	Subsystems
docker.itrsgroup.com/cgr/cert-manager-acmesolver:1.19-r26	Critical	CVE-2024-24790	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/cert-manager-cainjector:1.19-r26	Critical	CVE-2024-24790	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/cert-manager-controller:1.19-r26	Critical	CVE-2023-24538 CVE-2023-24540 CVE-2024-24790	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/cert-manager-startupapicheck:1.19-r23	Critical	CVE-2024-24790	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/cert-manager-webhook:1.19-r26	Critical	CVE-2023-24538 CVE-2023-24540 CVE-2024-24790	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/ingress-nginx-controller:1.13-r61	Critical	CVE-2022-23806 CVE-2024-24790	Networking
docker.itrsgroup.com/cgr/kube-webhook-certgen:1.13-r19	Critical	CVE-2022-23806 CVE-2024-24790	Networking
docker.itrsgroup.com/cgr/linkerd-cni-plugin:1.6-r28	Critical	CVE-2019-14809 CVE-2022-23806 CVE-2024-24790	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/linkerd-controller:edge-25.11-r7	Critical	CVE-2025-68121	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/linkerd-proxy:edge-25.11-r11	Critical	CVE-2025-15467 CVE-2025-68121	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/trust-manager:0.20-r26	Critical	CVE-2015-5739 CVE-2019-14809 CVE-2022-23806	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/iax/backup-manager:2.17.5	Critical	GHSA-72HV-8253-57QQ	Utility
docker.itrsgroup.com/iax/cgr-postgres:17.6-v2-r7	Critical	CVE-2025-15467	Service Mesh Database
docker.itrsgroup.com/iax/cgr-tools:5	Critical	CVE-2019-14809 CVE-2022-23806 CVE-2023-24538 CVE-2023-24540 CVE-2025-15467 CVE-2025-68121	Utility
docker.itrsgroup.com/iax/collection-agent-privileged:2.17.5	Critical	GHSA-72HV-8253-57QQ	Collection
docker.itrsgroup.com/iax/collection-agent:2.17.5	Critical	GHSA-72HV-8253-57QQ	Collection
docker.itrsgroup.com/iax/configuration-installer:2.17.5	Critical	GHSA-72HV-8253-57QQ	Platform services
docker.itrsgroup.com/iax/data-pipeline-utility:2.17.5	Critical	GHSA-72HV-8253-57QQ	Utility
docker.itrsgroup.com/iax/downsampled-metrics-stream:2.17.5	Critical	GHSA-72HV-8253-57QQ	Data pipeline
docker.itrsgroup.com/iax/dpd:2.17.5	Critical	GHSA-72HV-8253-57QQ	Data pipeline
docker.itrsgroup.com/iax/etcd:2.17.5	Critical	CVE-2026-24051	Platform services
docker.itrsgroup.com/iax/final-entity-stream:2.17.5	Critical	GHSA-72HV-8253-57QQ	Data pipeline
docker.itrsgroup.com/iax/iam-tools:2.17.5	Critical	CVE-2019-14809 CVE-2022-23806 CVE-2023-24538 CVE-2023-24540	Utility
docker.itrsgroup.com/iax/iamd:2.17.5	Critical	GHSA-72HV-8253-57QQ	Platform services
docker.itrsgroup.com/iax/intermediate-entity-stream:2.17.5	Critical	GHSA-72HV-8253-57QQ	Data pipeline
docker.itrsgroup.com/iax/kafka-health-check:2.17.5	Critical	GHSA-72HV-8253-57QQ	Data pipeline
docker.itrsgroup.com/iax/kafka:2.17.5	Critical	CVE-2017-7657 CVE-2017-7658	Data pipeline
docker.itrsgroup.com/iax/keycloak:2.17.5	Critical	CVE-2021-42575	Platform services
docker.itrsgroup.com/iax/latest-metrics:2.17.5	Critical	GHSA-72HV-8253-57QQ	Data pipeline
docker.itrsgroup.com/iax/licenced:2.17.5	Critical	GHSA-72HV-8253-57QQ	Platform services
docker.itrsgroup.com/iax/loki:2.17.5	Critical	CVE-2021-3711 CVE-2021-38297 CVE-2022-23806 CVE-2022-37434 CVE-2022-48174 CVE-2023-24531 CVE-2023-24538 CVE-2023-24540 CVE-2023-29402 CVE-2023-29404 CVE-2023-29405 CVE-2023-45853 CVE-2024-24790 CVE-2024-45337 CVE-2024-5535 CVE-2025-22871 CVE-2025-68121	Logs and audit
docker.itrsgroup.com/iax/operator:2.17.5	Critical	GHSA-72HV-8253-57QQ	Platform services
docker.itrsgroup.com/iax/platform-statusd:2.17.5	Critical	GHSA-72HV-8253-57QQ	Platform services
docker.itrsgroup.com/iax/platform-tools:2.17.5	Critical	CVE-2019-14809 CVE-2022-23806 CVE-2023-24538 CVE-2023-24540	Utility
docker.itrsgroup.com/iax/platformd:2.17.5	Critical	GHSA-72HV-8253-57QQ	Platform services
docker.itrsgroup.com/iax/signals-stream:2.17.5	Critical	GHSA-72HV-8253-57QQ	Data pipeline
docker.itrsgroup.com/iax/sinkd:2.17.5	Critical	GHSA-72HV-8253-57QQ	Data pipeline
docker.itrsgroup.com/iax/timescale-health-check:2.17.5	Critical	GHSA-72HV-8253-57QQ	Database
docker.itrsgroup.com/iax/timescale-schema:2.17.5	Critical	CVE-2019-14809 CVE-2022-23806 CVE-2023-24538 CVE-2023-24540	Database
docker.itrsgroup.com/obcerv/app/iax-app-capacity-daemon:1.4.2	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/iax-app-capacity-ui:1.4.2	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/iax-app-iam-ui:1.5.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-cleanup-client:1.6.2	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-daemon:1.6.2	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-ui:1.6.2	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-alerting-ui:2.10.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-api-gateway:2.8.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-audit-ui:1.2.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-entities-daemon:2.5.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-metrics-daemon:2.5.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-ui:2.5.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-daemon:2.5.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-rest-server:2.5.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-ui:2.5.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-commands-daemon:1.7.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-commands-ui:1.7.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-dashboard-ui:1.17.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-entities-ui:1.16.4	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-fixmonitor-bff-daemon:2.13.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-fixmonitor-ui:2.13.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-ingestion-ui:2.8.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-notifications-notifier-daemon:3.10.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-notifications-ui:3.10.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-platform-tools-cli:1.13.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-bff-daemon:2.22.3	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-bff-intelli-views-daemon:2.22.3	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-sink-daemon:2.22.3	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-signal-forecaster-daemon:2.11.2	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-signal-forecaster-ui:2.11.2	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-traces-ui:1.2.2	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-webconsole:3.8.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/replicated/replicated-tools:2.0.0	Critical	CVE-2025-68121	Installation Telemetry
proxy.itrsgroup.com/library/replicated-sdk-image:1.14.0	Critical	CVE-2022-23806 CVE-2023-24538 CVE-2023-24540 CVE-2024-24790 CVE-2025-68121	Installation Telemetry

Installation package 2.17.7 Copied

Scan date: 25 February 2026

Container images	Severity	CVE	Subsystems
docker.itrsgroup.com/cgr/cert-manager-controller:1.19-r24	High	CVE-2026-24051	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/cert-manager-webhook:1.19-r24	High	CVE-2026-24051	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/ingress-nginx-controller:1.13-r52	Critical	CVE-2025-1974	Networking
docker.itrsgroup.com/cgr/linkerd-controller:edge-25.11-r7	Critical	CVE-2025-68121	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/linkerd-proxy:edge-25.11-r11	Critical	CVE-2025-15467 CVE-2025-68121	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/iax/cgr-postgres:17.6-v2-r7	Critical	CVE-2025-15467	Service Mesh Database
docker.itrsgroup.com/iax/cgr-tools:5	Critical	CVE-2025-15467 CVE-2025-68121	Utility
docker.itrsgroup.com/iax/etcd:2.17.4	High	CVE-2026-24051	Platform services
docker.itrsgroup.com/iax/keycloak:2.17.4	High	CVE-2025-59250	Platform services
docker.itrsgroup.com/iax/loki:2.17.4	Critical	CVE-2021-3711 CVE-2021-38297 CVE-2022-23806 CVE-2022-37434 CVE-2022-48174 CVE-2023-24531 CVE-2023-24538 CVE-2023-24540 CVE-2023-29402 CVE-2023-29404 CVE-2023-29405 CVE-2023-45853 CVE-2024-24790 CVE-2024-45337 CVE-2024-5535 CVE-2025-22871 CVE-2025-68121	Logs and audit
docker.itrsgroup.com/obcerv/app/iax-app-capacity-daemon:1.4.2	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/iax-app-capacity-ui:1.4.2	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/iax-app-iam-ui:1.5.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-cleanup-client:1.6.2	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-daemon:1.6.2	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-ui:1.6.2	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-alerting-ui:2.10.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-api-gateway:2.8.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-audit-ui:1.2.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-entities-daemon:2.5.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-metrics-daemon:2.5.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-ui:2.5.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-daemon:2.5.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-rest-server:2.5.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-ui:2.5.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-commands-daemon:1.7.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-commands-ui:1.7.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-dashboard-ui:1.17.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-entities-ui:1.16.4	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-fixmonitor-bff-daemon:2.13.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-fixmonitor-ui:2.13.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-ingestion-ui:2.8.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-notifications-notifier-daemon:3.10.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-notifications-ui:3.10.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-platform-tools-cli:1.13.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-bff-daemon:2.22.2	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-bff-intelli-views-daemon:2.22.2	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-sink-daemon:2.22.2	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-signal-forecaster-daemon:2.11.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-signal-forecaster-ui:2.11.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-traces-ui:1.2.2	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-webconsole:3.8.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/replicated/replicated-tools:2.0.0	Critical	CVE-2025-68121	Installation Telemetry
proxy.itrsgroup.com/library/replicated-sdk-image:1.14.0	Critical	CVE-2025-68121	Installation Telemetry

Installation package 2.17.6 Copied

Scan date: 10 February 2026

Container images	Severity	CVE	Subsystems
docker.itrsgroup.com/cgr/ingress-nginx-controller:1.13-r47	Critical	CVE-2025-1974	Networking
docker.itrsgroup.com/cgr/kube-webhook-certgen:1.13-r15	High	CVE-2025-15281 CVE-2025-61726 CVE-2025-61731 CVE-2025-68119	Networking
docker.itrsgroup.com/cgr/linkerd-controller:edge-25.11-r7	High	CVE-2025-15281 CVE-2025-61726 CVE-2025-61731 CVE-2025-68119 CVE-2026-0861 CVE-2026-0915	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/linkerd-proxy:edge-25.11-r11	Critical	CVE-2025-15467	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/iax/backup-manager:2.17.2	Critical	CVE-2025-15467	Utility
docker.itrsgroup.com/iax/cgr-postgres:17.6-v2-r7	Critical	CVE-2025-15467	Service Mesh Database
docker.itrsgroup.com/iax/cgr-tools:5	Critical	CVE-2025-15467	Utility
docker.itrsgroup.com/iax/clickhouse-schema:2.17.2	Critical	CVE-2025-15467	Database
docker.itrsgroup.com/iax/clickhouse:2.17.2	Critical	CVE-2025-15467	Database
docker.itrsgroup.com/iax/collection-agent-privileged:2.17.2	Critical	CVE-2025-15467	Collection
docker.itrsgroup.com/iax/collection-agent:2.17.2	Critical	CVE-2025-15467	Collection
docker.itrsgroup.com/iax/configuration-installer:2.17.2	Critical	CVE-2025-15467	Platform services
docker.itrsgroup.com/iax/data-pipeline-utility:2.17.2	Critical	CVE-2025-15467	Utility
docker.itrsgroup.com/iax/downsampled-metrics-stream:2.17.2	Critical	CVE-2025-15467	Data pipeline
docker.itrsgroup.com/iax/dpd:2.17.2	Critical	CVE-2025-15467	Data pipeline
docker.itrsgroup.com/iax/etcd:2.17.2	Critical	CVE-2025-15467	Platform services
docker.itrsgroup.com/iax/final-entity-stream:2.17.2	Critical	CVE-2025-15467	Data pipeline
docker.itrsgroup.com/iax/iam-tools:2.17.2	Critical	CVE-2025-15467	Utility
docker.itrsgroup.com/iax/iamd:2.17.2	Critical	CVE-2025-15467	Platform services
docker.itrsgroup.com/iax/intermediate-entity-stream:2.17.2	Critical	CVE-2025-15467	Data pipeline
docker.itrsgroup.com/iax/kafka-health-check:2.17.2	Critical	CVE-2025-15467	Data pipeline
docker.itrsgroup.com/iax/kafka:2.17.2	Critical	CVE-2025-15467	Data pipeline
docker.itrsgroup.com/iax/keycloak:2.17.2	Critical	CVE-2025-15467	Platform services
docker.itrsgroup.com/iax/latest-metrics:2.17.2	Critical	CVE-2025-15467	Data pipeline
docker.itrsgroup.com/iax/licenced:2.17.2	Critical	CVE-2025-15467	Platform services
docker.itrsgroup.com/iax/loki:2.17.2	Critical	CVE-2021-3711 CVE-2021-38297 CVE-2022-23806 CVE-2022-37434 CVE-2022-48174 CVE-2023-24531 CVE-2023-24538 CVE-2023-24540 CVE-2023-29402 CVE-2023-29404 CVE-2023-29405 CVE-2023-45853 CVE-2024-24790 CVE-2024-45337 CVE-2024-5535 CVE-2025-22871	Logs and audit
docker.itrsgroup.com/iax/metrics-forecastd:2.17.2	Critical	CVE-2025-15467	Data pipeline
docker.itrsgroup.com/iax/operator:2.17.2	Critical	CVE-2025-15467	Platform services
docker.itrsgroup.com/iax/platform-statusd:2.17.2	Critical	CVE-2025-15467	Platform services
docker.itrsgroup.com/iax/platform-tools:2.17.2	Critical	CVE-2025-15467	Utility
docker.itrsgroup.com/iax/platformd:2.17.2	Critical	CVE-2025-15467	Platform services
docker.itrsgroup.com/iax/postgres:2.17.2	Critical	CVE-2025-15467	Database
docker.itrsgroup.com/iax/signals-stream:2.17.2	Critical	CVE-2025-15467	Data pipeline
docker.itrsgroup.com/iax/sinkd:2.17.2	Critical	CVE-2025-15467	Data pipeline
docker.itrsgroup.com/iax/timescale-health-check:2.17.2	Critical	CVE-2025-15467	Database
docker.itrsgroup.com/iax/timescale-schema:2.17.2	Critical	CVE-2025-15467	Database
docker.itrsgroup.com/iax/timescale:2.17.2	Critical	CVE-2025-15467	Database
docker.itrsgroup.com/obcerv/app/iax-app-capacity-daemon:1.4.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/iax-app-capacity-ui:1.4.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/iax-app-iam-ui:1.5.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-cleanup-client:1.6.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-daemon:1.6.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-ui:1.6.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-alerting-ui:2.10.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-api-gateway:2.8.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-audit-ui:1.2.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-entities-daemon:2.5.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-metrics-daemon:2.5.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-ui:2.5.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-daemon:2.5.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-rest-server:2.5.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-ui:2.5.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-commands-daemon:1.7.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-commands-ui:1.7.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-dashboard-ui:1.17.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-entities-ui:1.16.3	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-fixmonitor-bff-daemon:2.13.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-fixmonitor-ui:2.13.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-ingestion-ui:2.8.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-notifications-notifier-daemon:3.10.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-notifications-ui:3.10.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-platform-tools-cli:1.13.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-bff-daemon:2.22.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-bff-intelli-views-daemon:2.22.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-sink-daemon:2.22.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-signal-forecaster-daemon:2.11.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-signal-forecaster-ui:2.11.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-traces-ui:1.2.2	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-webconsole:3.8.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/replicated/replicated-tools:2.0.0	High	CVE-2025-15281 CVE-2025-61726 CVE-2025-61728 CVE-2025-61729 CVE-2025-61730 CVE-2025-61731 CVE-2025-68119 CVE-2025-68121 CVE-2026-0861 CVE-2026-0915	Installation Telemetry

Installation package 2.17.5 Copied

Scan date: 4 February 2026

Container images	Severity	CVE	Subsystems
docker.itrsgroup.com/cgr/cert-manager-acmesolver:1.19-r15	High	CVE-2025-15281 CVE-2025-61726 CVE-2025-61731 CVE-2025-68119	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/cert-manager-cainjector:1.19-r15	High	CVE-2025-15281 CVE-2025-61726 CVE-2025-61731 CVE-2025-68119	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/cert-manager-controller:1.19-r15	High	CVE-2025-15281 CVE-2025-61726 CVE-2025-61731 CVE-2025-68119	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/cert-manager-startupapicheck:1.19-r13	High	CVE-2025-15281 CVE-2025-61726 CVE-2025-61731 CVE-2025-68119	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/cert-manager-webhook:1.19-r15	High	CVE-2025-15281 CVE-2025-61726 CVE-2025-61731 CVE-2025-68119	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/ingress-nginx-controller:1.13-r39	Critical	CVE-2025-1974	Networking
docker.itrsgroup.com/cgr/kube-webhook-certgen:1.13-r15	High	CVE-2025-15281 CVE-2025-61726 CVE-2025-61731 CVE-2025-68119	Networking
docker.itrsgroup.com/cgr/linkerd-cni-plugin:1.6-r17	High	CVE-2025-61731 CVE-2025-68119	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/linkerd-controller:edge-25.11-r7	High	CVE-2025-15281 CVE-2025-61726 CVE-2025-61731 CVE-2025-68119 CVE-2026-0861 CVE-2026-0915	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/linkerd-proxy:edge-25.11-r11	Critical	CVE-2025-15467	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/trust-manager:0.20-r16	High	CVE-2025-15281	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/iax/backup-manager:2.17.2	Critical	CVE-2025-15467	Utility
docker.itrsgroup.com/iax/cgr-postgres:17.6-v2-r7	Critical	CVE-2025-15467	Service Mesh Data Plane Utility
docker.itrsgroup.com/iax/cgr-tools:5	Critical	CVE-2025-15467	Utility
docker.itrsgroup.com/iax/clickhouse-schema:2.17.2	Critical	CVE-2025-15467	Data Plane
docker.itrsgroup.com/iax/clickhouse:2.17.2	Critical	CVE-2025-15467	Data Plane
docker.itrsgroup.com/iax/collection-agent-privileged:2.17.2	Critical	CVE-2025-15467	Monitoring
docker.itrsgroup.com/iax/collection-agent:2.17.2	Critical	CVE-2025-15467	Monitoring
docker.itrsgroup.com/iax/configuration-installer:2.17.2	Critical	CVE-2025-15467	Utility
docker.itrsgroup.com/iax/data-pipeline-utility:2.17.2	Critical	CVE-2025-15467	Data Plane
docker.itrsgroup.com/iax/downsampled-metrics-stream:2.17.2	Critical	CVE-2025-15467	Data Plane
docker.itrsgroup.com/iax/dpd:2.17.2	Critical	CVE-2025-15467	Data Plane
docker.itrsgroup.com/iax/etcd:2.17.2	Critical	CVE-2025-15467	Utility
docker.itrsgroup.com/iax/final-entity-stream:2.17.2	Critical	CVE-2025-15467	Data Plane
docker.itrsgroup.com/iax/iam-tools:2.17.2	Critical	CVE-2025-15467	Utility
docker.itrsgroup.com/iax/iamd:2.17.2	Critical	CVE-2025-15467	Identity and Access Management
docker.itrsgroup.com/iax/intermediate-entity-stream:2.17.2	Critical	CVE-2025-15467	Data Plane
docker.itrsgroup.com/iax/kafka-health-check:2.17.2	Critical	CVE-2025-15467	Service Mesh
docker.itrsgroup.com/iax/kafka:2.17.2	Critical	CVE-2025-15467	Service Mesh Data Plane Utility
docker.itrsgroup.com/iax/keycloak:2.17.2	Critical	CVE-2025-15467	Identity and Access Management
docker.itrsgroup.com/iax/latest-metrics:2.17.2	Critical	CVE-2025-15467	Data Plane
docker.itrsgroup.com/iax/licenced:2.17.2	Critical	CVE-2025-15467	Platform services
docker.itrsgroup.com/iax/loki:2.17.2	Critical	CVE-2021-3711 CVE-2021-38297 CVE-2022-23806 CVE-2022-37434 CVE-2022-48174 CVE-2023-24531 CVE-2023-24538 CVE-2023-24540 CVE-2023-29402 CVE-2023-29404 CVE-2023-29405 CVE-2023-45853 CVE-2024-24790 CVE-2024-45337 CVE-2024-5535 CVE-2025-22871	Service Mesh
docker.itrsgroup.com/iax/metrics-forecastd:2.17.2	Critical	CVE-2025-15467	Platform services
docker.itrsgroup.com/iax/operator:2.17.2	Critical	CVE-2025-15467 CVE-2025-15281 CVE-2025-69419 CVE-2025-69420 CVE-2025-69421 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Service Mesh Data Plane Utility
docker.itrsgroup.com/iax/platform-statusd:2.17.2	Critical	CVE-2025-15467	Platform services
docker.itrsgroup.com/iax/platform-tools:2.17.2	Critical	CVE-2025-15467	Service Mesh Data Plane Utility
docker.itrsgroup.com/iax/platformd:2.17.2	Critical	CVE-2025-15467	Platform services
docker.itrsgroup.com/iax/postgres:2.17.2	Critical	CVE-2025-15467	Service Mesh Data Plane Utility
docker.itrsgroup.com/iax/signals-stream:2.17.2	Critical	CVE-2025-15467	Data Plane
docker.itrsgroup.com/iax/sinkd:2.17.2	Critical	CVE-2025-15467	Data Plane
docker.itrsgroup.com/iax/timescale-health-check:2.17.2	Critical	CVE-2025-15467	Data Plane
docker.itrsgroup.com/iax/timescale-schema:2.17.2	Critical	CVE-2025-15467	Utility
docker.itrsgroup.com/iax/timescale:2.17.2	Critical	CVE-2025-15467	Data Plane
docker.itrsgroup.com/obcerv/app/iax-app-capacity-daemon:1.4.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/iax-app-capacity-ui:1.4.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/iax-app-iam-ui:1.5.0	Critical	CVE-2025-15467	Identity and Access Management
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-cleanup-client:1.6.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-daemon:1.6.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-ui:1.6.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-alerting-ui:2.10.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-api-gateway:2.8.0	Critical	CVE-2025-15467	Platform
docker.itrsgroup.com/obcerv/app/obcerv-app-audit-ui:1.2.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-entities-daemon:2.5.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-metrics-daemon:2.5.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-ui:2.5.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-daemon:2.5.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-rest-server:2.5.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-ui:2.5.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-commands-daemon:1.7.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-commands-ui:1.7.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-dashboard-ui:1.17.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-entities-ui:1.16.3	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-fixmonitor-bff-daemon:2.13.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-fixmonitor-ui:2.13.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-ingestion-ui:2.8.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-notifications-notifier-daemon:3.10.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-notifications-ui:3.10.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-platform-tools-cli:1.13.0	Critical	CVE-2025-15467	Platform
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-bff-daemon:2.22.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-bff-intelli-views-daemon:2.22.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-sink-daemon:2.22.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-signal-forecaster-daemon:2.11.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-signal-forecaster-ui:2.11.0	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-traces-ui:1.2.2	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-webconsole:3.8.1	Critical	CVE-2025-15467	Application
docker.itrsgroup.com/replicated/replicated-tools:2.0.0	High	CVE-2025-15281 CVE-2025-61726 CVE-2025-61728 CVE-2025-61729 CVE-2025-61731 CVE-2025-68119 CVE-2026-0861 CVE-2026-0915	Utility

Installation package 2.17.4 Copied

Scan date: 29 January 2026

Container images	Severity	CVE	Subsystems
docker.itrsgroup.com/cgr/cert-manager-acmesolver:1.19-r15	High	CVE-2025-15281	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/cert-manager-cainjector:1.19-r15	High	CVE-2025-15281	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/cert-manager-controller:1.19-r15	High	CVE-2025-15281	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/cert-manager-startupapicheck:1.19-r13	High	CVE-2025-15281	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/cert-manager-webhook:1.19-r15	High	CVE-2025-15281	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/ingress-nginx-controller:1.13-r36	Critical	CVE-2025-1974	Networking
docker.itrsgroup.com/cgr/kube-webhook-certgen:1.13-r14	High	CVE-2025-15281	Networking
docker.itrsgroup.com/cgr/linkerd-cni-plugin:1.6-r15	High	CVE-2025-15281	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/linkerd-controller:edge-25.11-r7	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/linkerd-proxy:edge-25.11-r11	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/trust-manager:0.20-r16	High	CVE-2025-15281	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/iax/backup-manager:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Utility
docker.itrsgroup.com/iax/cgr-postgres:17.6-v2-r7	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915	Service Mesh Data Plane Utility
docker.itrsgroup.com/iax/cgr-tools:5	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-24049	Utility
docker.itrsgroup.com/iax/clickhouse-schema:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915	Data Plane
docker.itrsgroup.com/iax/clickhouse:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915	Data Plane
docker.itrsgroup.com/iax/collection-agent-privileged:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Monitoring
docker.itrsgroup.com/iax/collection-agent:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Monitoring
docker.itrsgroup.com/iax/configuration-installer:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Utility
docker.itrsgroup.com/iax/data-pipeline-utility:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Data Plane
docker.itrsgroup.com/iax/downsampled-metrics-stream:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Data Plane
docker.itrsgroup.com/iax/dpd:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Data Plane
docker.itrsgroup.com/iax/etcd:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915	Utility
docker.itrsgroup.com/iax/final-entity-stream:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Data Plane
docker.itrsgroup.com/iax/iam-tools:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-24049	Utility
docker.itrsgroup.com/iax/iamd:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Identity and Access Management
docker.itrsgroup.com/iax/intermediate-entity-stream:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Data Plane
docker.itrsgroup.com/iax/kafka-health-check:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Service Mesh
docker.itrsgroup.com/iax/kafka:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Service Mesh Data Plane Utility
docker.itrsgroup.com/iax/keycloak:2.17.2	High	CVE-2025-15281 CVE-2025-59250 CVE-2025-66021 CVE-2026-21932 CVE-2026-21945	Identity and Access Management
docker.itrsgroup.com/iax/latest-metrics:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Data Plane
docker.itrsgroup.com/iax/licenced:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Platform services
docker.itrsgroup.com/iax/loki:2.17.2	Critical	CVE-2021-3711 CVE-2021-38297 CVE-2022-23806 CVE-2022-37434 CVE-2022-48174 CVE-2023-24531 CVE-2023-24538 CVE-2023-24540 CVE-2023-29402 CVE-2023-29404 CVE-2023-29405 CVE-2023-45853 CVE-2024-24790 CVE-2024-45337 CVE-2024-5535 CVE-2025-22871	Service Mesh
docker.itrsgroup.com/iax/metrics-forecastd:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-0994 CVE-2026-23949 CVE-2026-24049	Platform services
docker.itrsgroup.com/iax/operator:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Service Mesh Data Plane Utility
docker.itrsgroup.com/iax/platform-statusd:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Platform services
docker.itrsgroup.com/iax/platform-tools:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-24049	Service Mesh Data Plane Utility
docker.itrsgroup.com/iax/platformd:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Platform services
docker.itrsgroup.com/iax/postgres:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915	Service Mesh Data Plane Utility
docker.itrsgroup.com/iax/signals-stream:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Data Plane
docker.itrsgroup.com/iax/sinkd:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Data Plane
docker.itrsgroup.com/iax/timescale-health-check:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Data Plane
docker.itrsgroup.com/iax/timescale-schema:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-24049	Utility
docker.itrsgroup.com/iax/timescale:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Data Plane
docker.itrsgroup.com/obcerv/app/iax-app-capacity-daemon:1.4.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/iax-app-capacity-ui:1.4.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/iax-app-iam-ui:1.5.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Identity and Access Management
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-cleanup-client:1.6.1	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-daemon:1.6.1	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-ui:1.6.1	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-alerting-ui:2.10.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-api-gateway:2.8.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Platform
docker.itrsgroup.com/obcerv/app/obcerv-app-audit-ui:1.2.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-entities-daemon:2.5.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-metrics-daemon:2.5.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-ui:2.5.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-daemon:2.5.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-rest-server:2.5.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-ui:2.5.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-commands-daemon:1.7.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-commands-ui:1.7.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-dashboard-ui:1.17.1	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-entities-ui:1.16.2	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-fixmonitor-bff-daemon:2.13.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-fixmonitor-ui:2.13.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-ingestion-ui:2.8.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-notifications-notifier-daemon:3.10.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-notifications-ui:3.10.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-platform-tools-cli:1.13.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Platform
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-bff-daemon:2.22.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-bff-intelli-views-daemon:2.22.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-sink-daemon:2.22.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-signal-forecaster-daemon:2.11.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-signal-forecaster-ui:2.11.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-traces-ui:1.2.2	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-webconsole:3.8.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/replicated/replicated-tools:2.0.0	High	CVE-2025-15281 CVE-2025-61729 CVE-2026-0861 CVE-2026-0915	Utility
proxy.itrsgroup.com/library/replicated-sdk-image:1.12.1	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915	Installation Telemetry

Installation package 2.17.3 Copied

Scan date: 26 January 2026

Container images	Severity	CVE	Subsystems
docker.itrsgroup.com/cgr/cert-manager-acmesolver:1.19-r10	High	CVE-2026-0861 CVE-2026-0915	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/cert-manager-cainjector:1.19-r10	High	CVE-2026-0861 CVE-2026-0915	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/cert-manager-controller:1.19-r10	High	CVE-2026-0861 CVE-2026-0915	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/cert-manager-startupapicheck:1.19-r9	High	CVE-2026-0861 CVE-2026-0915	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/cert-manager-webhook:1.19-r10	High	CVE-2026-0861 CVE-2026-0915	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/ingress-nginx-controller:1.13-r28	Critical	CVE-2025-1974	Networking
docker.itrsgroup.com/cgr/kube-webhook-certgen:1.13-r10	High	CVE-2026-0861 CVE-2026-0915	Networking
docker.itrsgroup.com/cgr/linkerd-cni-plugin:1.6-r11	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/linkerd-controller:edge-25.11-r7	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/linkerd-proxy:edge-25.11-r11	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/trust-manager:0.20-r11	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/iax/backup-manager:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Utility
docker.itrsgroup.com/iax/cgr-postgres:17.6-v2-r7	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915	Service Mesh Data Plane Utility
docker.itrsgroup.com/iax/cgr-tools:5	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-24049	Utility
docker.itrsgroup.com/iax/clickhouse-schema:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915	Data Plane
docker.itrsgroup.com/iax/clickhouse:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915	Data Plane
docker.itrsgroup.com/iax/collection-agent-privileged:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Monitoring
docker.itrsgroup.com/iax/collection-agent:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Monitoring
docker.itrsgroup.com/iax/configuration-installer:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Utility
docker.itrsgroup.com/iax/data-pipeline-utility:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Data Plane
docker.itrsgroup.com/iax/downsampled-metrics-stream:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Data Plane
docker.itrsgroup.com/iax/dpd:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Data Plane
docker.itrsgroup.com/iax/etcd:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915	Utility
docker.itrsgroup.com/iax/final-entity-stream:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Data Plane
docker.itrsgroup.com/iax/iam-tools:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-24049	Utility
docker.itrsgroup.com/iax/iamd:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Identity and Access Management
docker.itrsgroup.com/iax/intermediate-entity-stream:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Data Plane
docker.itrsgroup.com/iax/kafka-health-check:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Service Mesh
docker.itrsgroup.com/iax/kafka:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Service Mesh Data Plane Utility
docker.itrsgroup.com/iax/keycloak:2.17.2	High	CVE-2025-15281 CVE-2025-59250 CVE-2025-66021 CVE-2026-21932 CVE-2026-21945	Identity and Access Management
docker.itrsgroup.com/iax/latest-metrics:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Data Plane
docker.itrsgroup.com/iax/licenced:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Platform services
docker.itrsgroup.com/iax/loki:2.17.2	Critical	CVE-2021-3711 CVE-2021-38297 CVE-2022-23806 CVE-2022-37434 CVE-2022-48174 CVE-2023-24531 CVE-2023-24538 CVE-2023-24540 CVE-2023-29402 CVE-2023-29404 CVE-2023-29405 CVE-2023-45853 CVE-2024-24790 CVE-2024-45337 CVE-2024-5535 CVE-2025-22871	Service Mesh
docker.itrsgroup.com/iax/metrics-forecastd:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-0994 CVE-2026-23949 CVE-2026-24049	Platform services
docker.itrsgroup.com/iax/operator:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Service Mesh Data Plane Utility
docker.itrsgroup.com/iax/platform-statusd:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Platform services
docker.itrsgroup.com/iax/platform-tools:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-24049	Service Mesh Data Plane Utility
docker.itrsgroup.com/iax/platformd:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Platform services
docker.itrsgroup.com/iax/postgres:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915	Service Mesh Data Plane Utility
docker.itrsgroup.com/iax/signals-stream:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Data Plane
docker.itrsgroup.com/iax/sinkd:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Data Plane
docker.itrsgroup.com/iax/timescale-health-check:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Data Plane
docker.itrsgroup.com/iax/timescale-schema:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-24049	Utility
docker.itrsgroup.com/iax/timescale:2.17.2	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945	Data Plane
docker.itrsgroup.com/obcerv/app/iax-app-capacity-daemon:1.4.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/iax-app-capacity-ui:1.4.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/iax-app-iam-ui:1.5.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Identity and Access Management
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-cleanup-client:1.6.1	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-daemon:1.6.1	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-ui:1.6.1	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-alerting-ui:2.10.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-api-gateway:2.8.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Platform
docker.itrsgroup.com/obcerv/app/obcerv-app-audit-ui:1.2.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-entities-daemon:2.5.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-metrics-daemon:2.5.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-ui:2.5.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-daemon:2.5.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-rest-server:2.5.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-ui:2.5.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-commands-daemon:1.7.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-commands-ui:1.7.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-dashboard-ui:1.17.1	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-entities-ui:1.16.2	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-fixmonitor-bff-daemon:2.13.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-fixmonitor-ui:2.13.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-ingestion-ui:2.8.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-notifications-notifier-daemon:3.10.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-notifications-ui:3.10.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-platform-tools-cli:1.13.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Platform
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-bff-daemon:2.22.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-bff-intelli-views-daemon:2.22.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-sink-daemon:2.22.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-signal-forecaster-daemon:2.11.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-signal-forecaster-ui:2.11.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-traces-ui:1.2.2	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-webconsole:3.8.0	High	CVE-2025-15281 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2026-0861 CVE-2026-0915 CVE-2026-21932 CVE-2026-21945 CVE-2026-22695 CVE-2026-22801	Application
docker.itrsgroup.com/replicated/replicated-tools:2.0.0	High	CVE-2025-15281 CVE-2025-61729 CVE-2026-0861 CVE-2026-0915	Utility
proxy.itrsgroup.com/library/replicated-sdk-image:1.12.1	High	CVE-2025-15281 CVE-2026-0861 CVE-2026-0915	Installation Telemetry

Installation package 2.17.2 Copied

Scan date: 18 December 2025

Container images	Severity	CVE	Subsystems
docker.itrsgroup.com/cgr/linkerd-controller:edge-25.11-r6	High	CVE-2025-61729	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/cgr/linkerd-proxy:edge-25.11-r10	High	CVE-2025-61729	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/iax/backup-manager:2.17.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Utility
docker.itrsgroup.com/iax/collection-agent-privileged:2.17.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Monitoring
docker.itrsgroup.com/iax/collection-agent:2.17.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Monitoring
docker.itrsgroup.com/iax/configuration-installer:2.17.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Utility
docker.itrsgroup.com/iax/data-pipeline-utility:2.17.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Data Plane
docker.itrsgroup.com/iax/downsampled-metrics-stream:2.17.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Data Plane
docker.itrsgroup.com/iax/dpd:2.17.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Data Plane
docker.itrsgroup.com/iax/etcd:2.17.0	High	CVE-2025-61729	Utility
docker.itrsgroup.com/iax/final-entity-stream:2.17.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Data Plane
docker.itrsgroup.com/iax/iam-tools:2.17.0	High	CVE-2025-61729	Utility
docker.itrsgroup.com/iax/iamd:2.17.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Identity and Access Management
docker.itrsgroup.com/iax/intermediate-entity-stream:2.17.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Data Plane
docker.itrsgroup.com/iax/kafka-health-check:2.17.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Service Mesh
docker.itrsgroup.com/iax/kafka:2.17.0	High	CVE-2025-61729 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Service Mesh Data Plane Utility
docker.itrsgroup.com/iax/keycloak:2.17.0	High	CVE-2025-59250 CVE-2025-64720 CVE-2025-65018 CVE-2025-66021 CVE-2025-66293	Identity and Access Management
docker.itrsgroup.com/iax/latest-metrics:2.17.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Data Plane
docker.itrsgroup.com/iax/licenced:2.17.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Platform services
docker.itrsgroup.com/iax/loki:2.17.0	Critical	CVE-2021-3711 CVE-2021-38297 CVE-2022-23806 CVE-2022-37434 CVE-2022-48174 CVE-2023-24531 CVE-2023-24538 CVE-2023-24540 CVE-2023-29402 CVE-2023-29404 CVE-2023-29405 CVE-2023-45853 CVE-2024-24790 CVE-2024-45337 CVE-2024-5535 CVE-2025-22871	Service Mesh
docker.itrsgroup.com/iax/metrics-forecastd:2.17.0	High	CVE-2025-62703 CVE-2025-66418 CVE-2025-66471	Platform services
docker.itrsgroup.com/iax/operator:2.17.0	High	CVE-2025-61729 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Service Mesh Data Plane Utility
docker.itrsgroup.com/iax/platform-statusd:2.17.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Platform services
docker.itrsgroup.com/iax/platform-tools:2.17.0	High	CVE-2025-61729	Service Mesh Data Plane Utility
docker.itrsgroup.com/iax/platformd:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Platform services
docker.itrsgroup.com/iax/postgres:2.17.0	High	CVE-2025-66418 CVE-2025-66471	Service Mesh Data Plane Utility
docker.itrsgroup.com/iax/signals-stream:2.17.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Data Plane
docker.itrsgroup.com/iax/sinkd:2.17.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Data Plane
docker.itrsgroup.com/iax/timescale-health-check:2.17.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Data Plane
docker.itrsgroup.com/iax/timescale-schema:2.17.0	High	CVE-2025-61729	Utility
docker.itrsgroup.com/iax/timescale:2.17.0	High	CVE-2025-61729 CVE-2025-66418 CVE-2025-66471	Data Plane
docker.itrsgroup.com/obcerv/app/iax-app-capacity-daemon:1.3.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Application
docker.itrsgroup.com/obcerv/app/iax-app-capacity-ui:1.3.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Application
docker.itrsgroup.com/obcerv/app/iax-app-iam-ui:1.4.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Identity and Access Management
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-cleanup-client:1.6.1	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Application
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-daemon:1.6.1	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Application
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-ui:1.6.1	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-alerting-ui:2.10.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-api-gateway:2.8.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Platform
docker.itrsgroup.com/obcerv/app/obcerv-app-audit-ui:1.2.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-entities-daemon:2.5.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-metrics-daemon:2.5.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-ui:2.5.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-daemon:2.5.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-rest-server:2.5.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-ui:2.5.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-commands-daemon:1.7.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-commands-ui:1.7.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-dashboard-ui:1.17.1	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-entities-ui:1.16.2	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-fixmonitor-bff-daemon:2.13.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-fixmonitor-ui:2.13.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-ingestion-ui:2.8.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-notifications-notifier-daemon:3.10.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-notifications-ui:3.10.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-platform-tools-cli:1.13.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Platform
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-bff-daemon:2.21.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-bff-intelli-views-daemon:2.21.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-sink-daemon:2.21.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-signal-forecaster-daemon:2.11.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-signal-forecaster-ui:2.11.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-traces-ui:1.2.2	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-webconsole:3.8.0	High	CVE-2025-64720 CVE-2025-65018 CVE-2025-66293	Application
docker.itrsgroup.com/replicated/replicated-tools:2.0.0	High	CVE-2025-61729	Utility
proxy.replicated.com/library/replicated-sdk-image:1.11.2	High	CVE-2025-617	Installation Telemetry

Installation package 2.17.1 Copied

Scan date: 3 December 2025

Container images	Severity	CVE	Subsystems
docker.itrsgroup.com/iax/backup-manager:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Utility
docker.itrsgroup.com/iax/collection-agent-privileged:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Monitoring
docker.itrsgroup.com/iax/collection-agent:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Monitoring
docker.itrsgroup.com/iax/configuration-installer:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Utility
docker.itrsgroup.com/iax/data-pipeline-utility:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Data Plane
docker.itrsgroup.com/iax/downsampled-metrics-stream:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Data Plane
docker.itrsgroup.com/iax/dpd:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Data Plane
docker.itrsgroup.com/iax/final-entity-stream:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Data Plane
docker.itrsgroup.com/iax/iamd:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Identity and Access Management
docker.itrsgroup.com/iax/intermediate-entity-stream:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Data Plane
docker.itrsgroup.com/iax/kafka-health-check:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Service Mesh
docker.itrsgroup.com/iax/kafka:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Service Mesh Data Plane Utility
docker.itrsgroup.com/iax/keycloak:2.17.0	High	CVE-2025-59250 CVE-2025-64720 CVE-2025-65018 CVE-2025-66021	Identity and Access Management
docker.itrsgroup.com/iax/latest-metrics:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Data Plane
docker.itrsgroup.com/iax/licenced:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Platform services
docker.itrsgroup.com/iax/loki:2.17.0	Critical	CVE-2021-3711 CVE-2021-38297 CVE-2022-23806 CVE-2022-37434 CVE-2022-48174 CVE-2023-24531 CVE-2023-24538 CVE-2023-24540 CVE-2023-29402 CVE-2023-29404 CVE-2023-29405 CVE-2023-45853 CVE-2024-24790 CVE-2024-45337 CVE-2024-5535 CVE-2025-22871	Service Mesh
docker.itrsgroup.com/iax/metrics-forecastd:2.17.0	High	CVE-2025-62703	Platform services
docker.itrsgroup.com/iax/operator:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Service Mesh Data Plane Utility
docker.itrsgroup.com/iax/platform-statusd:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Platform services
docker.itrsgroup.com/iax/platformd:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Platform services
docker.itrsgroup.com/iax/signals-stream:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Data Plane
docker.itrsgroup.com/iax/sinkd:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Data Plane
docker.itrsgroup.com/iax/timescale-health-check:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Data Plane
docker.itrsgroup.com/obcerv/app/iax-app-capacity-daemon:1.2.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/iax-app-capacity-ui:1.2.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/iax-app-iam-ui:1.4.0	High	CVE-2025-64720 CVE-2025-65018	Identity and Access Management
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-cleanup-client:1.6.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-daemon:1.6.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-ui:1.6.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-alerting-ui:2.10.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-api-gateway:2.8.0	High	CVE-2025-64720 CVE-2025-65018	Platform
docker.itrsgroup.com/obcerv/app/obcerv-app-audit-ui:1.2.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-entities-daemon:2.5.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-metrics-daemon:2.5.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-ui:2.5.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-daemon:2.5.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-rest-server:2.5.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-ui:2.5.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-commands-daemon:1.7.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-commands-ui:1.7.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-dashboard-ui:1.17.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-entities-ui:1.16.2	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-fixmonitor-bff-daemon:2.13.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-fixmonitor-ui:2.13.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-ingestion-ui:2.8.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-notifications-notifier-daemon:3.10.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-notifications-ui:3.10.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-platform-tools-cli:1.13.0	High	CVE-2025-64720 CVE-2025-65018	Platform
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-bff-daemon:2.21.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-bff-intelli-views-daemon:2.21.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-sink-daemon:2.21.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-signal-forecaster-daemon:2.11.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-signal-forecaster-ui:2.11.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-traces-ui:1.2.2	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-webconsole:3.7.0	High	CVE-2025-64720 CVE-2025-65018	Application

Installation package 2.17.0 Copied

Scan date: 2 December 2025

Container images	Severity	CVE	Subsystems
docker.itrsgroup.com/iax/backup-manager:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Utility
docker.itrsgroup.com/iax/collection-agent-privileged:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Monitoring
docker.itrsgroup.com/iax/collection-agent:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Monitoring
docker.itrsgroup.com/iax/configuration-installer:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Utility
docker.itrsgroup.com/iax/data-pipeline-utility:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Data Plane
docker.itrsgroup.com/iax/downsampled-metrics-stream:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Data Plane
docker.itrsgroup.com/iax/dpd:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Data Plane
docker.itrsgroup.com/iax/final-entity-stream:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Data Plane
docker.itrsgroup.com/iax/iamd:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Identity and Access Management
docker.itrsgroup.com/iax/intermediate-entity-stream:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Data Plane
docker.itrsgroup.com/iax/kafka-health-check:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Service Mesh
docker.itrsgroup.com/iax/kafka:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Service Mesh Data Plane Utility
docker.itrsgroup.com/iax/keycloak:2.17.0	High	CVE-2025-59250 CVE-2025-64720 CVE-2025-65018 CVE-2025-66021	Identity and Access Management
docker.itrsgroup.com/iax/latest-metrics:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Data Plane
docker.itrsgroup.com/iax/licenced:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Platform services
docker.itrsgroup.com/iax/loki:2.17.0	Critical	CVE-2021-3711 CVE-2021-38297 CVE-2022-23806 CVE-2022-37434 CVE-2022-48174 CVE-2023-24531 CVE-2023-24538 CVE-2023-24540 CVE-2023-29402 CVE-2023-29404 CVE-2023-29405 CVE-2023-45853 CVE-2024-24790 CVE-2024-45337 CVE-2024-5535 CVE-2025-22871	Service Mesh
docker.itrsgroup.com/iax/metrics-forecastd:2.17.0	High	CVE-2025-62703	Platform services
docker.itrsgroup.com/iax/operator:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Service Mesh Data Plane Utility
docker.itrsgroup.com/iax/platform-statusd:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Platform services
docker.itrsgroup.com/iax/platformd:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Platform services
docker.itrsgroup.com/iax/signals-stream:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Data Plane
docker.itrsgroup.com/iax/sinkd:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Data Plane
docker.itrsgroup.com/iax/timescale-health-check:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Data Plane
docker.itrsgroup.com/obcerv/app/iax-app-capacity-daemon:1.1.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/iax-app-capacity-ui:1.1.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/iax-app-iam-ui:1.4.0	High	CVE-2025-64720 CVE-2025-65018	Identity and Access Management
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-cleanup-client:1.6.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-daemon:1.6.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-ui:1.6.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-alerting-ui:2.10.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-api-gateway:2.8.0	High	CVE-2025-64720 CVE-2025-65018	Platform
docker.itrsgroup.com/obcerv/app/obcerv-app-audit-ui:1.2.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-entities-daemon:2.5.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-metrics-daemon:2.5.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-ui:2.5.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-daemon:2.5.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-rest-server:2.5.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-ui:2.5.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-commands-daemon:1.7.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-commands-ui:1.7.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-dashboard-ui:1.17.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-entities-ui:1.16.2	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-fixmonitor-bff-daemon:2.13.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-fixmonitor-ui:2.13.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-ingestion-ui:2.8.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-notifications-notifier-daemon:3.10.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-notifications-ui:3.10.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-platform-tools-cli:1.13.0	High	CVE-2025-64720 CVE-2025-65018	Platform
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-bff-daemon:2.21.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-bff-intelli-views-daemon:2.21.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-sink-daemon:2.21.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-signal-forecaster-daemon:2.11.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-signal-forecaster-ui:2.11.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-traces-ui:1.2.2	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-webconsole:3.7.0	High	CVE-2025-64720 CVE-2025-65018	Application

Installation package 2.16.4 Copied

Scan date: 21 November 2025

Container images	Severity	CVE	Subsystems
docker.itrsgroup.com/cgr/ingress-nginx-controller:1.13-r3	Critical	CVE-2025-1974	Networking
docker.itrsgroup.com/iax/kafka:2.16.3	Critical	CVE-2025-12383	Service Mesh Data Plane Utility
docker.itrsgroup.com/iax/keycloak:2.16.3	High	CVE-2025-59250	Identity and Access Management
docker.itrsgroup.com/iax/loki:2.16.2	Critical	CVE-2021-3711 CVE-2021-38297 CVE-2022-23806 CVE-2022-37434 CVE-2022-48174 CVE-2023-24531 CVE-2023-24538 CVE-2023-24540 CVE-2023-29402 CVE-2023-29404 CVE-2023-29405 CVE-2023-45853 CVE-2024-24790 CVE-2024-45337 CVE-2024-5535 CVE-2025-22871	Service Mesh
proxy.replicated.com/library/replicated-sdk-image:1.8.1	High	CVE-2024-25621 CVE-2025-58187	Installation Telemetry

Installation package 2.16.3 Copied

Scan date: 14 November 2025

Container images	Severity	CVE	Subsystems
docker.itrsgroup.com/chainguard/cert-manager-acmesolver:1.18.2-r4 docker.itrsgroup.com/chainguard/cert-manager-cainjector:1.18.2-r4 docker.itrsgroup.com/chainguard/cert-manager-controller:1.18.2-r4 docker.itrsgroup.com/chainguard/cert-manager-startupapicheck:1.18.2-r4 docker.itrsgroup.com/chainguard/cert-manager-webhook:1.18.2-r4 docker.itrsgroup.com/chainguard/kube-webhook-certgen:1.13.2-r2@sha256:262b8beb880b3feeae6d647237ca0fb811ca329fddd4e218d168a4eeba6bb66f docker.itrsgroup.com/chainguard/linkerd-proxy-init:edge-2.4.3-r2 docker.itrsgroup.com/chainguard/linkerd-proxy:edge-2.322.0-r0 docker.itrsgroup.com/chainguard/trust-manager:0.19.0-r0	High	CVE-2025-58187 CVE-2025-58188 CVE-2025-61723 CVE-2025-61725	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/chainguard/linkerd-controller:edge-25.9.1-r0	High	CVE-2024-25621 CVE-2025-58187 CVE-2025-58188 CVE-2025-61723 CVE-2025-61725	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/chainguard/ingress-nginx-controller:1.13.2-r2@sha256:1bd6b123a12d29663d37122d356422285df59b7410f0c57e7934a390c4513ef4	Critical	CVE-2025-1974	Networking
docker.itrsgroup.com/chainguard/linkerd-cni-plugin:1.6.4-r1 docker.itrsgroup.com/iax/iam-tools:2.16.2 docker.itrsgroup.com/iax/kafka:2.16.2 docker.itrsgroup.com/iax/operator:2.16.2 docker.itrsgroup.com/iax/platform-tools:2.16.2 docker.itrsgroup.com/iax/postgres:2.16.2 docker.itrsgroup.com/iax/timescale-schema:2.16.2 docker.itrsgroup.com/iax/timescale:2.16.2	High	CVE-2025-58183 CVE-2025-58186 CVE-2025-58187 CVE-2025-58188 CVE-2025-61723 CVE-2025-61725	Service Mesh Data Plane Utility
docker.itrsgroup.com/iax/loki:2.16.2	Critical	CVE-2021-3711 CVE-2021-38297 CVE-2022-23806 CVE-2022-37434 CVE-2022-48174 CVE-2023-24531 CVE-2023-24538 CVE-2023-24540 CVE-2023-29402 CVE-2023-29404 CVE-2023-29405 CVE-2023-45853 CVE-2024-24790 CVE-2024-45337 CVE-2024-5535 CVE-2025-22871	Service Mesh
proxy.replicated.com/library/replicated-sdk-image:1.8.1	High	CVE-2024-25621 CVE-2025-58187	Installation Telemetry
docker.itrsgroup.com/replicated/replicated-tools:1.5.7	High	CVE-2024-25621 CVE-2025-53547 CVE-2025-58183 CVE-2025-58186 CVE-2025-58187 CVE-2025-58188 CVE-2025-61723 CVE-2025-61725	Service Mesh Data Plane Utility
docker.itrsgroup.com/iax/metrics-forecastd:2.16.2	High	CVE-2025-11082 CVE-2025-11083 CVE-2025-7545 CVE-2025-7546	Platform services

Installation package 2.16.2 Copied

Scan date: 12 November 2025

Container images	Severity	CVE	Subsystems
docker.itrsgroup.com/chainguard/cert-manager-acmesolver:1.18.2-r4 docker.itrsgroup.com/chainguard/cert-manager-cainjector:1.18.2-r4 docker.itrsgroup.com/chainguard/cert-manager-controller:1.18.2-r4 docker.itrsgroup.com/chainguard/cert-manager-startupapicheck:1.18.2-r4 docker.itrsgroup.com/chainguard/cert-manager-webhook:1.18.2-r4 docker.itrsgroup.com/chainguard/kube-webhook-certgen:1.13.2-r2@sha256:262b8beb880b3feeae6d647237ca0fb811ca329fddd4e218d168a4eeba6bb66f docker.itrsgroup.com/chainguard/linkerd-proxy-init:edge-2.4.3-r2 docker.itrsgroup.com/chainguard/linkerd-proxy:edge-2.322.0-r0 docker.itrsgroup.com/chainguard/trust-manager:0.19.0-r0	High	CVE-2025-58187 CVE-2025-58188 CVE-2025-61723 CVE-2025-61725	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/chainguard/linkerd-controller:edge-25.9.1-r0	High	CVE-2024-25621 CVE-2025-58187 CVE-2025-58188 CVE-2025-61723 CVE-2025-61725	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/chainguard/ingress-nginx-controller:1.13.2-r2@sha256:1bd6b123a12d29663d37122d356422285df59b7410f0c57e7934a390c4513ef4	Critical	CVE-2025-1974	Networking
docker.itrsgroup.com/chainguard/linkerd-cni-plugin:1.6.4-r1 docker.itrsgroup.com/iax/iam-tools:2.16.2 docker.itrsgroup.com/iax/kafka:2.16.2 docker.itrsgroup.com/iax/operator:2.16.2 docker.itrsgroup.com/iax/platform-tools:2.16.2 docker.itrsgroup.com/iax/postgres:2.16.2 docker.itrsgroup.com/iax/timescale-schema:2.16.2 docker.itrsgroup.com/iax/timescale:2.16.2	High	CVE-2025-47912 CVE-2025-58183 CVE-2025-58186 CVE-2025-58187 CVE-2025-58188 CVE-2025-61723 CVE-2025-61724 CVE-2025-61725	Service Mesh Data Plane Utility
docker.itrsgroup.com/iax/loki:2.16.2	Critical	CVE-2021-3711 CVE-2021-38297 CVE-2022-23806 CVE-2022-37434 CVE-2022-48174 CVE-2023-24531 CVE-2023-24538 CVE-2023-24540 CVE-2023-29402 CVE-2023-29404 CVE-2023-29405 CVE-2023-45853 CVE-2024-24790 CVE-2024-45337 CVE-2024-5535 CVE-2025-22871	Service Mesh
proxy.replicated.com/library/replicated-sdk-image:1.8.1	High	CVE-2024-25621 CVE-2025-58187	Installation Telemetry
docker.itrsgroup.com/replicated/replicated-tools:1.5.7	High	CVE-2024-25621 CVE-2025-47912 CVE-2025-53547 CVE-2025-58183 CVE-2025-58186 CVE-2025-58187 CVE-2025-58188 CVE-2025-61723 CVE-2025-61724 CVE-2025-61725	Service Mesh Data Plane Utility

Installation package 2.16.1 Copied

Scan date: 5 November 2025

Container images	Severity	CVE	Subsystems
docker.itrsgroup.com/chainguard/cert-manager-acmesolver:1.18.2-r4 docker.itrsgroup.com/chainguard/cert-manager-cainjector:1.18.2-r4 docker.itrsgroup.com/chainguard/cert-manager-controller:1.18.2-r4 docker.itrsgroup.com/chainguard/cert-manager-startupapicheck:1.18.2-r4 docker.itrsgroup.com/chainguard/cert-manager-webhook:1.18.2-r4 docker.itrsgroup.com/chainguard/kube-webhook-certgen:1.13.2-r2@sha256:262b8beb880b3feeae6d647237ca0fb811ca329fddd4e218d168a4eeba6bb66f docker.itrsgroup.com/chainguard/linkerd-controller:edge-25.9.1-r0 docker.itrsgroup.com/chainguard/linkerd-proxy-init:edge-2.4.3-r2 docker.itrsgroup.com/chainguard/linkerd-proxy:edge-2.322.0-r0 docker.itrsgroup.com/chainguard/trust-manager:0.19.0-r0	High	CVE-2025-58187 CVE-2025-58188 CVE-2025-61723 CVE-2025-61725	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/chainguard/ingress-nginx-controller:1.13.2-r2@sha256:1bd6b123a12d29663d37122d356422285df59b7410f0c57e7934a390c4513ef4	Critical	CVE-2025-1974	Networking
docker.itrsgroup.com/chainguard/linkerd-cni-plugin:1.6.4-r1 docker.itrsgroup.com/iax/iam-tools:2.16.2 docker.itrsgroup.com/iax/kafka:2.16.2 docker.itrsgroup.com/iax/operator:2.16.2 docker.itrsgroup.com/iax/platform-tools:2.16.2 docker.itrsgroup.com/iax/postgres:2.16.2 docker.itrsgroup.com/iax/timescale-schema:2.16.2 docker.itrsgroup.com/iax/timescale:2.16.2 docker.itrsgroup.com/replicated/replicated-tools:1.5.6	High	CVE-2025-47912 CVE-2025-58183 CVE-2025-58186 CVE-2025-58187 CVE-2025-58188 CVE-2025-61723 CVE-2025-61724 CVE-2025-61725	Service Mesh Data Plane Utility
docker.itrsgroup.com/iax/keycloak:2.16.2	High	CVE-2025-59250	Identity and Access Management
docker.itrsgroup.com/iax/loki:2.16.2	Critical	CVE-2021-3711 CVE-2021-38297 CVE-2022-23806 CVE-2022-37434 CVE-2022-48174 CVE-2023-24531 CVE-2023-24538 CVE-2023-24540 CVE-2023-29402 CVE-2023-29404 CVE-2023-29405 CVE-2023-45853 CVE-2024-24790 CVE-2024-45337 CVE-2024-5535 CVE-2025-22871	Service Mesh
proxy.replicated.com/library/replicated-sdk-image:1.8.1	High	CVE-2025-58187	Installation Telemetry

Installation package 2.16.0 Copied

Scan date: 30 October 2025

Container images	Severity	CVE	Subsystems
k8s.io/ingress-nginx v1.13.2	Critical	CVE-2025-1974	Networking
Netty 4.1.127	High	CVE-2025-59419	Collection Agent
Loki	Critical	CVE-2025-22871 CVE-2025-22868 CVE-2025-22869 CVE-2025-26519 CVE-2025-4674 CVE-2025-47907 CVE-2025-9230	Logging infrastructure
obcerv-app-platform-tools-cli:1.11.0	High	CVE-2025-9086 CVE-2025-9230 CVE-2025-9230	Platform

Disclaimer
The information contained in this document is for general information and guidance on our products, services, and other matters. It is only for information purposes and is not intended as advice which should be relied upon. We try to ensure that the content of this document is accurate and up-to-date, but this cannot be guaranteed. Changes may be made to our products, services, and other matters which are not noted or recorded herein. All liability for loss and damage arising from reliance on this document is excluded (except where death or personal injury arises from our negligence or loss or damage arises from any fraud on our part).

Previous article Next article

ITRS Analytics Security Updates

How ITRS manages CVEs Copied

How to interpret these results Copied

Installation package 2.18.2+p2.18.5 Copied

Installation package 2.18.1+p2.18.3 Copied

Installation package 2.18.0+p2.18.3 Copied

Installation package 2.17.12 Copied

Installation package 2.17.11 Copied

Installation package 2.17.10 Copied

Installation package 2.17.9 Copied

Installation package 2.17.8 Copied

Installation package 2.17.7 Copied

Installation package 2.17.6 Copied

Installation package 2.17.5 Copied

Installation package 2.17.4 Copied

Installation package 2.17.3 Copied

Installation package 2.17.2 Copied

Installation package 2.17.1 Copied

Installation package 2.17.0 Copied

Installation package 2.16.4 Copied

Installation package 2.16.3 Copied

Installation package 2.16.2 Copied

Installation package 2.16.1 Copied

Installation package 2.16.0 Copied

Was this topic helpful?

Your thoughts...

How can we improve this topic?

Your thoughts...

Thank you for your feedback!