cockroachdb
Patched Databases & Caching
from
mirror.gcr.io/cockroachdb/cockroach
Pull Reference
ghcr.io/verity-org/cockroachdb/cockroach
docker pull ghcr.io/verity-org/cockroachdb/cockroach
Available Versions
v26.2.0
latest
21 remaining
v26.1.4 21 remaining
v26.1.3 21 remaining
Copa-Patched Image
Patched in-place from the upstream image using Copa . OS-level vulnerabilities are fixed without rebuilding \u2014 same layers, same behavior, fewer CVEs.
Supply Chain
Full compliance details
Signed
SLSA L3
SBOM
Rekor
Verify this artifact
Cosign signature
cosign verify \ --certificate-identity-regexp "https://github.com/verity-org/verity/.github/workflows/" \ --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \ ghcr.io/verity-org/cockroachdb/cockroach:v26.2.0
Build provenance
gh attestation verify \ oci://ghcr.io/verity-org/cockroachdb/cockroach:v26.2.0 \ --owner verity-org
Vulnerability Scan
Found 21 vulnerabilit ies — none have upstream fixes available.
1CRITICAL11HIGH8MEDIUM1LOW
Fix available — pending patch
These vulnerabilities have upstream fixes but could not be automatically patched.
| ID | Package | Installed | Fixed | Severity |
|---|---|---|---|---|
| CVE-2025-68121 | stdlib | v1.25.5 | 1.24.13, 1.25.7, 1.26.0-rc.3 | CRITICAL |
| CVE-2025-61726 | stdlib | v1.25.5 | 1.24.12, 1.25.6 | HIGH |
| CVE-2025-61728 | stdlib | v1.25.5 | 1.24.12, 1.25.6 | HIGH |
| CVE-2026-25679 | stdlib | v1.25.5 | 1.25.8, 1.26.1 | HIGH |
| CVE-2026-32280 | stdlib | v1.25.5 | 1.25.9, 1.26.2 | HIGH |
| CVE-2026-32281 | stdlib | v1.25.5 | 1.25.9, 1.26.2 | HIGH |
| CVE-2026-32283 | stdlib | v1.25.5 | 1.25.9, 1.26.2 | HIGH |
| CVE-2026-33811 | stdlib | v1.25.5 | 1.25.10, 1.26.3 | HIGH |
| CVE-2026-33814 | stdlib | v1.25.5 | 1.25.10, 1.26.3 | HIGH |
| CVE-2026-39820 | stdlib | v1.25.5 | 1.25.10, 1.26.3 | HIGH |
| CVE-2026-39836 | stdlib | v1.25.5 | 1.25.10, 1.26.3 | HIGH |
| CVE-2026-42499 | stdlib | v1.25.5 | 1.25.10, 1.26.3 | HIGH |
| CVE-2025-61730 | stdlib | v1.25.5 | 1.24.12, 1.25.6 | MEDIUM |
| CVE-2026-27142 | stdlib | v1.25.5 | 1.25.8, 1.26.1 | MEDIUM |
| CVE-2026-32282 | stdlib | v1.25.5 | 1.25.9, 1.26.2 | MEDIUM |
| CVE-2026-32288 | stdlib | v1.25.5 | 1.25.9, 1.26.2 | MEDIUM |
| CVE-2026-32289 | stdlib | v1.25.5 | 1.25.9, 1.26.2 | MEDIUM |
| CVE-2026-39823 | stdlib | v1.25.5 | 1.25.10, 1.26.3 | MEDIUM |
| CVE-2026-39825 | stdlib | v1.25.5 | 1.25.10, 1.26.3 | MEDIUM |
| CVE-2026-39826 | stdlib | v1.25.5 | 1.25.10, 1.26.3 | MEDIUM |
| CVE-2026-27139 | stdlib | v1.25.5 | 1.25.8, 1.26.1 | LOW |
Source
Copa (in-place patch)
Platforms
linux/amd64, linux/arm64
Registry
ghcr.io/verity-org
Upstream
mirror.gcr.io/cockroachdb/cockroach
Version
v26.2.0