GHSA-fx6q-qhch-hxgp
ADVISORY - dockerSummary
Summary
I've recently deployed the tempo-distributed in my GKE but GCP flagged 1 critical CVE on it in the tempo-memcached StatefulSet. The CVE-2021-36159 is regarding the apk-tools package and its flagged with a 9.1 CRITICAL base score.
CVE documentation: https://nvd.nist.gov/vuln/detail/CVE-2021-36159#range-9922715
Affected version 2.10.4-r2
Fixed version 2.10.7-r0
Common Weakness Enumeration (CWE)
Sign in to Docker Scout
See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.
Sign in