ITRS Analytics Security Updates

Overview Copied

This page provides security information for ITRS Analytics installations. Regular security scanning is performed on all ITRS Analytics components to identify and document known vulnerabilities (CVEs) in third-party libraries, Docker images, and dependencies.

Security vulnerabilities can pose significant risks to your deployment. This page helps you:

Identify known security issues in your current ITRS Analytics version.
Understand the severity and impact of each vulnerability.
Plan upgrades and remediation activities based on risk assessment.
Stay informed about ongoing security improvements and fixes.

Note
The following table lists the images or libraries affected by recently identified Common Vulnerabilities and Exposures (CVEs) from the latest security scan, along with the relevant ITRS Analytics components, and is updated with each new packaging release.

Installation package 2.17.1 Copied

Scan date: 3 December 2025

Container images	Severity	CVE	Subsystems
docker.itrsgroup.com/iax/backup-manager:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Utility
docker.itrsgroup.com/iax/collection-agent-privileged:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Monitoring
docker.itrsgroup.com/iax/collection-agent:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Monitoring
docker.itrsgroup.com/iax/configuration-installer:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Utility
docker.itrsgroup.com/iax/data-pipeline-utility:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Data Plane
docker.itrsgroup.com/iax/downsampled-metrics-stream:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Data Plane
docker.itrsgroup.com/iax/dpd:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Data Plane
docker.itrsgroup.com/iax/final-entity-stream:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Data Plane
docker.itrsgroup.com/iax/iamd:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Identity and Access Management
docker.itrsgroup.com/iax/intermediate-entity-stream:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Data Plane
docker.itrsgroup.com/iax/kafka-health-check:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Service Mesh
docker.itrsgroup.com/iax/kafka:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Service Mesh Data Plane Utility
docker.itrsgroup.com/iax/keycloak:2.17.0	High	CVE-2025-59250 CVE-2025-64720 CVE-2025-65018 CVE-2025-66021	Identity and Access Management
docker.itrsgroup.com/iax/latest-metrics:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Data Plane
docker.itrsgroup.com/iax/licenced:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Platform services
docker.itrsgroup.com/iax/loki:2.17.0	Critical	CVE-2021-3711 CVE-2021-38297 CVE-2022-23806 CVE-2022-37434 CVE-2022-48174 CVE-2023-24531 CVE-2023-24538 CVE-2023-24540 CVE-2023-29402 CVE-2023-29404 CVE-2023-29405 CVE-2023-45853 CVE-2024-24790 CVE-2024-45337 CVE-2024-5535 CVE-2025-22871	Service Mesh
docker.itrsgroup.com/iax/metrics-forecastd:2.17.0	High	CVE-2025-62703	Platform services
docker.itrsgroup.com/iax/operator:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Service Mesh Data Plane Utility
docker.itrsgroup.com/iax/platform-statusd:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Platform services
docker.itrsgroup.com/iax/platformd:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Platform services
docker.itrsgroup.com/iax/signals-stream:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Data Plane
docker.itrsgroup.com/iax/sinkd:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Data Plane
docker.itrsgroup.com/iax/timescale-health-check:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Data Plane
docker.itrsgroup.com/obcerv/app/iax-app-capacity-daemon:1.2.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/iax-app-capacity-ui:1.2.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/iax-app-iam-ui:1.4.0	High	CVE-2025-64720 CVE-2025-65018	Identity and Access Management
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-cleanup-client:1.6.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-daemon:1.6.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-ui:1.6.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-alerting-ui:2.10.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-api-gateway:2.8.0	High	CVE-2025-64720 CVE-2025-65018	Platform
docker.itrsgroup.com/obcerv/app/obcerv-app-audit-ui:1.2.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-entities-daemon:2.5.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-metrics-daemon:2.5.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-ui:2.5.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-daemon:2.5.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-rest-server:2.5.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-ui:2.5.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-commands-daemon:1.7.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-commands-ui:1.7.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-dashboard-ui:1.17.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-entities-ui:1.16.2	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-fixmonitor-bff-daemon:2.13.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-fixmonitor-ui:2.13.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-ingestion-ui:2.8.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-notifications-notifier-daemon:3.10.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-notifications-ui:3.10.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-platform-tools-cli:1.13.0	High	CVE-2025-64720 CVE-2025-65018	Platform
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-bff-daemon:2.21.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-bff-intelli-views-daemon:2.21.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-sink-daemon:2.21.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-signal-forecaster-daemon:2.11.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-signal-forecaster-ui:2.11.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-traces-ui:1.2.2	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-webconsole:3.7.0	High	CVE-2025-64720 CVE-2025-65018	Application

Installation package 2.17.0 Copied

Scan date: 2 December 2025

Container images	Severity	CVE	Subsystems
docker.itrsgroup.com/iax/backup-manager:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Utility
docker.itrsgroup.com/iax/collection-agent-privileged:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Monitoring
docker.itrsgroup.com/iax/collection-agent:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Monitoring
docker.itrsgroup.com/iax/configuration-installer:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Utility
docker.itrsgroup.com/iax/data-pipeline-utility:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Data Plane
docker.itrsgroup.com/iax/downsampled-metrics-stream:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Data Plane
docker.itrsgroup.com/iax/dpd:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Data Plane
docker.itrsgroup.com/iax/final-entity-stream:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Data Plane
docker.itrsgroup.com/iax/iamd:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Identity and Access Management
docker.itrsgroup.com/iax/intermediate-entity-stream:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Data Plane
docker.itrsgroup.com/iax/kafka-health-check:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Service Mesh
docker.itrsgroup.com/iax/kafka:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Service Mesh Data Plane Utility
docker.itrsgroup.com/iax/keycloak:2.17.0	High	CVE-2025-59250 CVE-2025-64720 CVE-2025-65018 CVE-2025-66021	Identity and Access Management
docker.itrsgroup.com/iax/latest-metrics:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Data Plane
docker.itrsgroup.com/iax/licenced:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Platform services
docker.itrsgroup.com/iax/loki:2.17.0	Critical	CVE-2021-3711 CVE-2021-38297 CVE-2022-23806 CVE-2022-37434 CVE-2022-48174 CVE-2023-24531 CVE-2023-24538 CVE-2023-24540 CVE-2023-29402 CVE-2023-29404 CVE-2023-29405 CVE-2023-45853 CVE-2024-24790 CVE-2024-45337 CVE-2024-5535 CVE-2025-22871	Service Mesh
docker.itrsgroup.com/iax/metrics-forecastd:2.17.0	High	CVE-2025-62703	Platform services
docker.itrsgroup.com/iax/operator:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Service Mesh Data Plane Utility
docker.itrsgroup.com/iax/platform-statusd:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Platform services
docker.itrsgroup.com/iax/platformd:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Platform services
docker.itrsgroup.com/iax/signals-stream:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Data Plane
docker.itrsgroup.com/iax/sinkd:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Data Plane
docker.itrsgroup.com/iax/timescale-health-check:2.17.0	High	CVE-2025-64720 CVE-2025-65018	Data Plane
docker.itrsgroup.com/obcerv/app/iax-app-capacity-daemon:1.1.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/iax-app-capacity-ui:1.1.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/iax-app-iam-ui:1.4.0	High	CVE-2025-64720 CVE-2025-65018	Identity and Access Management
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-cleanup-client:1.6.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-daemon:1.6.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/iax-app-signal-generator-ui:1.6.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-alerting-ui:2.10.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-api-gateway:2.8.0	High	CVE-2025-64720 CVE-2025-65018	Platform
docker.itrsgroup.com/obcerv/app/obcerv-app-audit-ui:1.2.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-entities-daemon:2.5.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-metrics-daemon:2.5.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-ui:2.5.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-daemon:2.5.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-rest-server:2.5.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-ui:2.5.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-commands-daemon:1.7.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-commands-ui:1.7.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-dashboard-ui:1.17.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-entities-ui:1.16.2	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-fixmonitor-bff-daemon:2.13.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-fixmonitor-ui:2.13.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-ingestion-ui:2.8.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-notifications-notifier-daemon:3.10.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-notifications-ui:3.10.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-platform-tools-cli:1.13.0	High	CVE-2025-64720 CVE-2025-65018	Platform
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-bff-daemon:2.21.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-bff-intelli-views-daemon:2.21.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-sink-daemon:2.21.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-signal-forecaster-daemon:2.11.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-signal-forecaster-ui:2.11.0	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-traces-ui:1.2.2	High	CVE-2025-64720 CVE-2025-65018	Application
docker.itrsgroup.com/obcerv/app/obcerv-app-webconsole:3.7.0	High	CVE-2025-64720 CVE-2025-65018	Application

Installation package 2.16.4 Copied

Scan date: 21 November 2025

Container images	Severity	CVE	Subsystems
docker.itrsgroup.com/cgr/ingress-nginx-controller:1.13-r3	Critical	CVE-2025-1974	Networking
docker.itrsgroup.com/iax/kafka:2.16.3	Critical	CVE-2025-12383	Service Mesh Data Plane Utility
docker.itrsgroup.com/iax/keycloak:2.16.3	High	CVE-2025-59250	Identity and Access Management
docker.itrsgroup.com/iax/loki:2.16.2	Critical	CVE-2021-3711 CVE-2021-38297 CVE-2022-23806 CVE-2022-37434 CVE-2022-48174 CVE-2023-24531 CVE-2023-24538 CVE-2023-24540 CVE-2023-29402 CVE-2023-29404 CVE-2023-29405 CVE-2023-45853 CVE-2024-24790 CVE-2024-45337 CVE-2024-5535 CVE-2025-22871	Service Mesh
proxy.replicated.com/library/replicated-sdk-image:1.8.1	High	CVE-2024-25621 CVE-2025-58187	Installation Telemetry

Installation package 2.16.3 Copied

Scan date: 14 November 2025

Container images	Severity	CVE	Subsystems
docker.itrsgroup.com/chainguard/cert-manager-acmesolver:1.18.2-r4 docker.itrsgroup.com/chainguard/cert-manager-cainjector:1.18.2-r4 docker.itrsgroup.com/chainguard/cert-manager-controller:1.18.2-r4 docker.itrsgroup.com/chainguard/cert-manager-startupapicheck:1.18.2-r4 docker.itrsgroup.com/chainguard/cert-manager-webhook:1.18.2-r4 docker.itrsgroup.com/chainguard/kube-webhook-certgen:1.13.2-r2@sha256:262b8beb880b3feeae6d647237ca0fb811ca329fddd4e218d168a4eeba6bb66f docker.itrsgroup.com/chainguard/linkerd-proxy-init:edge-2.4.3-r2 docker.itrsgroup.com/chainguard/linkerd-proxy:edge-2.322.0-r0 docker.itrsgroup.com/chainguard/trust-manager:0.19.0-r0	High	CVE-2025-58187 CVE-2025-58188 CVE-2025-61723 CVE-2025-61725	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/chainguard/linkerd-controller:edge-25.9.1-r0	High	CVE-2024-25621 CVE-2025-58187 CVE-2025-58188 CVE-2025-61723 CVE-2025-61725	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/chainguard/ingress-nginx-controller:1.13.2-r2@sha256:1bd6b123a12d29663d37122d356422285df59b7410f0c57e7934a390c4513ef4	Critical	CVE-2025-1974	Networking
docker.itrsgroup.com/chainguard/linkerd-cni-plugin:1.6.4-r1 docker.itrsgroup.com/iax/iam-tools:2.16.2 docker.itrsgroup.com/iax/kafka:2.16.2 docker.itrsgroup.com/iax/operator:2.16.2 docker.itrsgroup.com/iax/platform-tools:2.16.2 docker.itrsgroup.com/iax/postgres:2.16.2 docker.itrsgroup.com/iax/timescale-schema:2.16.2 docker.itrsgroup.com/iax/timescale:2.16.2	High	CVE-2025-58183 CVE-2025-58186 CVE-2025-58187 CVE-2025-58188 CVE-2025-61723 CVE-2025-61725	Service Mesh Data Plane Utility
docker.itrsgroup.com/iax/loki:2.16.2	Critical	CVE-2021-3711 CVE-2021-38297 CVE-2022-23806 CVE-2022-37434 CVE-2022-48174 CVE-2023-24531 CVE-2023-24538 CVE-2023-24540 CVE-2023-29402 CVE-2023-29404 CVE-2023-29405 CVE-2023-45853 CVE-2024-24790 CVE-2024-45337 CVE-2024-5535 CVE-2025-22871	Service Mesh
proxy.replicated.com/library/replicated-sdk-image:1.8.1	High	CVE-2024-25621 CVE-2025-58187	Installation Telemetry
docker.itrsgroup.com/replicated/replicated-tools:1.5.7	High	CVE-2024-25621 CVE-2025-53547 CVE-2025-58183 CVE-2025-58186 CVE-2025-58187 CVE-2025-58188 CVE-2025-61723 CVE-2025-61725	Service Mesh Data Plane Utility
docker.itrsgroup.com/iax/metrics-forecastd:2.16.2	High	CVE-2025-11082 CVE-2025-11083 CVE-2025-7545 CVE-2025-7546	Platform services

Installation package 2.16.2 Copied

Scan date: 12 November 2025

Container images	Severity	CVE	Subsystems
docker.itrsgroup.com/chainguard/cert-manager-acmesolver:1.18.2-r4 docker.itrsgroup.com/chainguard/cert-manager-cainjector:1.18.2-r4 docker.itrsgroup.com/chainguard/cert-manager-controller:1.18.2-r4 docker.itrsgroup.com/chainguard/cert-manager-startupapicheck:1.18.2-r4 docker.itrsgroup.com/chainguard/cert-manager-webhook:1.18.2-r4 docker.itrsgroup.com/chainguard/kube-webhook-certgen:1.13.2-r2@sha256:262b8beb880b3feeae6d647237ca0fb811ca329fddd4e218d168a4eeba6bb66f docker.itrsgroup.com/chainguard/linkerd-proxy-init:edge-2.4.3-r2 docker.itrsgroup.com/chainguard/linkerd-proxy:edge-2.322.0-r0 docker.itrsgroup.com/chainguard/trust-manager:0.19.0-r0	High	CVE-2025-58187 CVE-2025-58188 CVE-2025-61723 CVE-2025-61725	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/chainguard/linkerd-controller:edge-25.9.1-r0	High	CVE-2024-25621 CVE-2025-58187 CVE-2025-58188 CVE-2025-61723 CVE-2025-61725	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/chainguard/ingress-nginx-controller:1.13.2-r2@sha256:1bd6b123a12d29663d37122d356422285df59b7410f0c57e7934a390c4513ef4	Critical	CVE-2025-1974	Networking
docker.itrsgroup.com/chainguard/linkerd-cni-plugin:1.6.4-r1 docker.itrsgroup.com/iax/iam-tools:2.16.2 docker.itrsgroup.com/iax/kafka:2.16.2 docker.itrsgroup.com/iax/operator:2.16.2 docker.itrsgroup.com/iax/platform-tools:2.16.2 docker.itrsgroup.com/iax/postgres:2.16.2 docker.itrsgroup.com/iax/timescale-schema:2.16.2 docker.itrsgroup.com/iax/timescale:2.16.2	High	CVE-2025-47912 CVE-2025-58183 CVE-2025-58186 CVE-2025-58187 CVE-2025-58188 CVE-2025-61723 CVE-2025-61724 CVE-2025-61725	Service Mesh Data Plane Utility
docker.itrsgroup.com/iax/loki:2.16.2	Critical	CVE-2021-3711 CVE-2021-38297 CVE-2022-23806 CVE-2022-37434 CVE-2022-48174 CVE-2023-24531 CVE-2023-24538 CVE-2023-24540 CVE-2023-29402 CVE-2023-29404 CVE-2023-29405 CVE-2023-45853 CVE-2024-24790 CVE-2024-45337 CVE-2024-5535 CVE-2025-22871	Service Mesh
proxy.replicated.com/library/replicated-sdk-image:1.8.1	High	CVE-2024-25621 CVE-2025-58187	Installation Telemetry
docker.itrsgroup.com/replicated/replicated-tools:1.5.7	High	CVE-2024-25621 CVE-2025-47912 CVE-2025-53547 CVE-2025-58183 CVE-2025-58186 CVE-2025-58187 CVE-2025-58188 CVE-2025-61723 CVE-2025-61724 CVE-2025-61725	Service Mesh Data Plane Utility

Installation package 2.16.1 Copied

Scan date: 5 November 2025

Container images	Severity	CVE	Subsystems
docker.itrsgroup.com/chainguard/cert-manager-acmesolver:1.18.2-r4 docker.itrsgroup.com/chainguard/cert-manager-cainjector:1.18.2-r4 docker.itrsgroup.com/chainguard/cert-manager-controller:1.18.2-r4 docker.itrsgroup.com/chainguard/cert-manager-startupapicheck:1.18.2-r4 docker.itrsgroup.com/chainguard/cert-manager-webhook:1.18.2-r4 docker.itrsgroup.com/chainguard/kube-webhook-certgen:1.13.2-r2@sha256:262b8beb880b3feeae6d647237ca0fb811ca329fddd4e218d168a4eeba6bb66f docker.itrsgroup.com/chainguard/linkerd-controller:edge-25.9.1-r0 docker.itrsgroup.com/chainguard/linkerd-proxy-init:edge-2.4.3-r2 docker.itrsgroup.com/chainguard/linkerd-proxy:edge-2.322.0-r0 docker.itrsgroup.com/chainguard/trust-manager:0.19.0-r0	High	CVE-2025-58187 CVE-2025-58188 CVE-2025-61723 CVE-2025-61725	Certificate Lifecycle Management Service Mesh
docker.itrsgroup.com/chainguard/ingress-nginx-controller:1.13.2-r2@sha256:1bd6b123a12d29663d37122d356422285df59b7410f0c57e7934a390c4513ef4	Critical	CVE-2025-1974	Networking
docker.itrsgroup.com/chainguard/linkerd-cni-plugin:1.6.4-r1 docker.itrsgroup.com/iax/iam-tools:2.16.2 docker.itrsgroup.com/iax/kafka:2.16.2 docker.itrsgroup.com/iax/operator:2.16.2 docker.itrsgroup.com/iax/platform-tools:2.16.2 docker.itrsgroup.com/iax/postgres:2.16.2 docker.itrsgroup.com/iax/timescale-schema:2.16.2 docker.itrsgroup.com/iax/timescale:2.16.2 docker.itrsgroup.com/replicated/replicated-tools:1.5.6	High	CVE-2025-47912 CVE-2025-58183 CVE-2025-58186 CVE-2025-58187 CVE-2025-58188 CVE-2025-61723 CVE-2025-61724 CVE-2025-61725	Service Mesh Data Plane Utility
docker.itrsgroup.com/iax/keycloak:2.16.2	High	CVE-2025-59250	Identity and Access Management
docker.itrsgroup.com/iax/loki:2.16.2	Critical	CVE-2021-3711 CVE-2021-38297 CVE-2022-23806 CVE-2022-37434 CVE-2022-48174 CVE-2023-24531 CVE-2023-24538 CVE-2023-24540 CVE-2023-29402 CVE-2023-29404 CVE-2023-29405 CVE-2023-45853 CVE-2024-24790 CVE-2024-45337 CVE-2024-5535 CVE-2025-22871	Service Mesh
proxy.replicated.com/library/replicated-sdk-image:1.8.1	High	CVE-2025-58187	Installation Telemetry

Installation package 2.16.0 Copied

Scan date: 30 October 2025

Container images	Severity	CVE	Subsystems
k8s.io/ingress-nginx v1.13.2	Critical	CVE-2025-1974	Networking
Netty 4.1.127	High	CVE-2025-59419	Collection Agent
Loki	Critical	CVE-2025-22871 CVE-2025-22868 CVE-2025-22869 CVE-2025-26519 CVE-2025-4674 CVE-2025-47907 CVE-2025-9230	Logging infrastructure
obcerv-app-platform-tools-cli:1.11.0	High	CVE-2025-9086 CVE-2025-9230 CVE-2025-9230	Platform

Disclaimer
The information contained in this document is for general information and guidance on our products, services, and other matters. It is only for information purposes and is not intended as advice which should be relied upon. We try to ensure that the content of this document is accurate and up-to-date, but this cannot be guaranteed. Changes may be made to our products, services, and other matters which are not noted or recorded herein. All liability for loss and damage arising from reliance on this document is excluded (except where death or personal injury arises from our negligence or loss or damage arises from any fraud on our part).

Previous article Next article

ITRS Analytics Security Updates

Overview Copied

Installation package 2.17.1 Copied

Installation package 2.17.0 Copied

Installation package 2.16.4 Copied

Installation package 2.16.3 Copied

Installation package 2.16.2 Copied

Installation package 2.16.1 Copied

Installation package 2.16.0 Copied

Was this topic helpful?

Your thoughts...

How can we improve this topic?

Your thoughts...

Thank you for your feedback!