datadog-cluster-agent
PatchedMonitoring & Observabilityfrom
docker.io/datadog/cluster-agentPull Reference
ghcr.io/verity-org/datadog/cluster-agent
docker pull ghcr.io/verity-org/datadog/cluster-agent
Available Versions
7.80.4latest10 CVEs fixed41 remaining
7.80.313 CVEs fixed41 remaining
7.80.213 CVEs fixed53 remaining
Copa-Patched Image
Patched in-place from the upstream image usingCopa. OS-level vulnerabilities are fixed without rebuilding \u2014 same layers, same behavior, fewer CVEs.
Supply Chain
Full compliance detailsSignedSLSA L3SBOMRekor
Verify this artifact
Cosign signature
cosign verify \ --certificate-identity-regexp "https://github.com/verity-org/verity/.github/workflows/" \ --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \ ghcr.io/verity-org/datadog/cluster-agent:7.80.4
Build provenance
gh attestation verify \ oci://ghcr.io/verity-org/datadog/cluster-agent:7.80.4 \ --owner verity-org
Vulnerability Scan
Found 51 vulnerabilities in the original image. 10 fixed by Copa. 41 remaining after patching.
29 MEDIUM22 LOW
Fix available — pending patch
These vulnerabilities have upstream fixes but could not be automatically patched.
- CVE-2026-2303MEDIUM
- Package
- go.mongodb.org/mongo-driver
- Installed
- v1.17.6
- Fixed
- 1.17.7
- CVE-2026-39822UNKNOWN
- Package
- stdlib
- Installed
- v1.25.11
- Fixed
- 1.25.12, 1.26.5, 1.27.0-rc.2
- CVE-2026-42505UNKNOWN
- Package
- stdlib
- Installed
- v1.25.11
- Fixed
- 1.25.12, 1.26.5, 1.27.0-rc.2
- CVE-2026-39822UNKNOWN
- Package
- stdlib
- Installed
- v1.25.11
- Fixed
- 1.25.12, 1.26.5, 1.27.0-rc.2
- CVE-2026-42505UNKNOWN
- Package
- stdlib
- Installed
- v1.25.11
- Fixed
- 1.25.12, 1.26.5, 1.27.0-rc.2
- CVE-2026-39822UNKNOWN
- Package
- stdlib
- Installed
- v1.25.11
- Fixed
- 1.25.12, 1.26.5, 1.27.0-rc.2
- CVE-2026-42505UNKNOWN
- Package
- stdlib
- Installed
- v1.25.11
- Fixed
- 1.25.12, 1.26.5, 1.27.0-rc.2
- CVE-2026-39822UNKNOWN
- Package
- stdlib
- Installed
- v1.25.11
- Fixed
- 1.25.12, 1.26.5, 1.27.0-rc.2
- CVE-2026-42505UNKNOWN
- Package
- stdlib
- Installed
- v1.25.11
- Fixed
- 1.25.12, 1.26.5, 1.27.0-rc.2
| ID | Package | Installed | Fixed | Severity |
|---|---|---|---|---|
| CVE-2026-2303 | go.mongodb.org/mongo-driver | v1.17.6 | 1.17.7 | MEDIUM |
| CVE-2026-39822 | stdlib | v1.25.11 | 1.25.12, 1.26.5, 1.27.0-rc.2 | UNKNOWN |
| CVE-2026-42505 | stdlib | v1.25.11 | 1.25.12, 1.26.5, 1.27.0-rc.2 | UNKNOWN |
| CVE-2026-39822 | stdlib | v1.25.11 | 1.25.12, 1.26.5, 1.27.0-rc.2 | UNKNOWN |
| CVE-2026-42505 | stdlib | v1.25.11 | 1.25.12, 1.26.5, 1.27.0-rc.2 | UNKNOWN |
| CVE-2026-39822 | stdlib | v1.25.11 | 1.25.12, 1.26.5, 1.27.0-rc.2 | UNKNOWN |
| CVE-2026-42505 | stdlib | v1.25.11 | 1.25.12, 1.26.5, 1.27.0-rc.2 | UNKNOWN |
| CVE-2026-39822 | stdlib | v1.25.11 | 1.25.12, 1.26.5, 1.27.0-rc.2 | UNKNOWN |
| CVE-2026-42505 | stdlib | v1.25.11 | 1.25.12, 1.26.5, 1.27.0-rc.2 | UNKNOWN |
Awaiting upstream fix
No fix is available yet for these vulnerabilities.
- CVE-2026-27456MEDIUM
- Package
- bsdutils
- Installed
- 1:2.39.3-9ubuntu6.5
- Fixed
- CVE-2026-11856MEDIUM
- Package
- curl
- Installed
- 8.5.0-2ubuntu10.10
- Fixed
- CVE-2026-27456MEDIUM
- Package
- libblkid1
- Installed
- 2.39.3-9ubuntu6.5
- Fixed
- CVE-2026-4046MEDIUM
- Package
- libc-bin
- Installed
- 2.39-0ubuntu8.7
- Fixed
- CVE-2026-4437MEDIUM
- Package
- libc-bin
- Installed
- 2.39-0ubuntu8.7
- Fixed
- CVE-2026-4438MEDIUM
- Package
- libc-bin
- Installed
- 2.39-0ubuntu8.7
- Fixed
- CVE-2026-5435MEDIUM
- Package
- libc-bin
- Installed
- 2.39-0ubuntu8.7
- Fixed
- CVE-2026-6238MEDIUM
- Package
- libc-bin
- Installed
- 2.39-0ubuntu8.7
- Fixed
- CVE-2026-4046MEDIUM
- Package
- libc6
- Installed
- 2.39-0ubuntu8.7
- Fixed
- CVE-2026-4437MEDIUM
- Package
- libc6
- Installed
- 2.39-0ubuntu8.7
- Fixed
- CVE-2026-4438MEDIUM
- Package
- libc6
- Installed
- 2.39-0ubuntu8.7
- Fixed
- CVE-2026-5435MEDIUM
- Package
- libc6
- Installed
- 2.39-0ubuntu8.7
- Fixed
- CVE-2026-6238MEDIUM
- Package
- libc6
- Installed
- 2.39-0ubuntu8.7
- Fixed
- CVE-2026-11856MEDIUM
- Package
- libcurl4t64
- Installed
- 8.5.0-2ubuntu10.10
- Fixed
- CVE-2026-27456MEDIUM
- Package
- libmount1
- Installed
- 2.39.3-9ubuntu6.5
- Fixed
- CVE-2026-13757MEDIUM
- Package
- libp11-kit0
- Installed
- 0.25.3-4ubuntu2.1
- Fixed
- CVE-2026-27456MEDIUM
- Package
- libsmartcols1
- Installed
- 2.39.3-9ubuntu6.5
- Fixed
- CVE-2026-27456MEDIUM
- Package
- libuuid1
- Installed
- 2.39.3-9ubuntu6.5
- Fixed
- CVE-2026-27456MEDIUM
- Package
- mount
- Installed
- 2.39.3-9ubuntu6.5
- Fixed
- CVE-2026-27456MEDIUM
- Package
- util-linux
- Installed
- 2.39.3-9ubuntu6.5
- Fixed
- CVE-2026-10536LOW
- Package
- curl
- Installed
- 8.5.0-2ubuntu10.10
- Fixed
- CVE-2026-12064LOW
- Package
- curl
- Installed
- 8.5.0-2ubuntu10.10
- Fixed
- CVE-2026-10536LOW
- Package
- libcurl4t64
- Installed
- 8.5.0-2ubuntu10.10
- Fixed
- CVE-2026-12064LOW
- Package
- libcurl4t64
- Installed
- 8.5.0-2ubuntu10.10
- Fixed
- CVE-2024-2236LOW
- Package
- libgcrypt20
- Installed
- 1.10.3-2ubuntu0.1
- Fixed
- CVE-2026-40228LOW
- Package
- libsystemd0
- Installed
- 255.4-1ubuntu8.16
- Fixed
- CVE-2026-40228LOW
- Package
- libudev1
- Installed
- 255.4-1ubuntu8.16
- Fixed
- CVE-2024-56433LOW
- Package
- login
- Installed
- 1:4.13+dfsg1-4ubuntu3.2
- Fixed
- CVE-2024-56433LOW
- Package
- passwd
- Installed
- 1:4.13+dfsg1-4ubuntu3.2
- Fixed
- CVE-2026-27171LOW
- Package
- zlib1g
- Installed
- 1:1.3.dfsg-3.1ubuntu2.1
- Fixed
- GO-2026-5932UNKNOWN
- Package
- golang.org/x/crypto
- Installed
- v0.52.0
- Fixed
- GO-2026-5932UNKNOWN
- Package
- golang.org/x/crypto
- Installed
- v0.52.0
- Fixed
| ID | Package | Installed | Fixed | Severity |
|---|---|---|---|---|
| CVE-2026-27456 | bsdutils | 1:2.39.3-9ubuntu6.5 | MEDIUM | |
| CVE-2026-11856 | curl | 8.5.0-2ubuntu10.10 | MEDIUM | |
| CVE-2026-27456 | libblkid1 | 2.39.3-9ubuntu6.5 | MEDIUM | |
| CVE-2026-4046 | libc-bin | 2.39-0ubuntu8.7 | MEDIUM | |
| CVE-2026-4437 | libc-bin | 2.39-0ubuntu8.7 | MEDIUM | |
| CVE-2026-4438 | libc-bin | 2.39-0ubuntu8.7 | MEDIUM | |
| CVE-2026-5435 | libc-bin | 2.39-0ubuntu8.7 | MEDIUM | |
| CVE-2026-6238 | libc-bin | 2.39-0ubuntu8.7 | MEDIUM | |
| CVE-2026-4046 | libc6 | 2.39-0ubuntu8.7 | MEDIUM | |
| CVE-2026-4437 | libc6 | 2.39-0ubuntu8.7 | MEDIUM | |
| CVE-2026-4438 | libc6 | 2.39-0ubuntu8.7 | MEDIUM | |
| CVE-2026-5435 | libc6 | 2.39-0ubuntu8.7 | MEDIUM | |
| CVE-2026-6238 | libc6 | 2.39-0ubuntu8.7 | MEDIUM | |
| CVE-2026-11856 | libcurl4t64 | 8.5.0-2ubuntu10.10 | MEDIUM | |
| CVE-2026-27456 | libmount1 | 2.39.3-9ubuntu6.5 | MEDIUM | |
| CVE-2026-13757 | libp11-kit0 | 0.25.3-4ubuntu2.1 | MEDIUM | |
| CVE-2026-27456 | libsmartcols1 | 2.39.3-9ubuntu6.5 | MEDIUM | |
| CVE-2026-27456 | libuuid1 | 2.39.3-9ubuntu6.5 | MEDIUM | |
| CVE-2026-27456 | mount | 2.39.3-9ubuntu6.5 | MEDIUM | |
| CVE-2026-27456 | util-linux | 2.39.3-9ubuntu6.5 | MEDIUM | |
| CVE-2026-10536 | curl | 8.5.0-2ubuntu10.10 | LOW | |
| CVE-2026-12064 | curl | 8.5.0-2ubuntu10.10 | LOW | |
| CVE-2026-10536 | libcurl4t64 | 8.5.0-2ubuntu10.10 | LOW | |
| CVE-2026-12064 | libcurl4t64 | 8.5.0-2ubuntu10.10 | LOW | |
| CVE-2024-2236 | libgcrypt20 | 1.10.3-2ubuntu0.1 | LOW | |
| CVE-2026-40228 | libsystemd0 | 255.4-1ubuntu8.16 | LOW | |
| CVE-2026-40228 | libudev1 | 255.4-1ubuntu8.16 | LOW | |
| CVE-2024-56433 | login | 1:4.13+dfsg1-4ubuntu3.2 | LOW | |
| CVE-2024-56433 | passwd | 1:4.13+dfsg1-4ubuntu3.2 | LOW | |
| CVE-2026-27171 | zlib1g | 1:1.3.dfsg-3.1ubuntu2.1 | LOW | |
| GO-2026-5932 | golang.org/x/crypto | v0.52.0 | UNKNOWN | |
| GO-2026-5932 | golang.org/x/crypto | v0.52.0 | UNKNOWN |
Source
Copa (in-place patch)
Platforms
linux/amd64, linux/arm64
Registry
ghcr.io/verity-org
Upstream
docker.io/datadog/cluster-agent
Version
7.80.4