victoriametrics/victoria-logs:v1.43.1
Base OS: alpine 3.22.2 30 vulnerabilities fixed
Patched Image
quay.io/verity/victoriametrics/victoria-logs:v1.43.1-patched
Supply Chain
Full compliance details
Signed
SLSA L3
SBOM
Rekor
Verify this artifact
Cosign signature
cosign verify \ --certificate-identity-regexp "https://github.com/descope/verity/.github/workflows/" \ --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \ quay.io/verity/victoriametrics/victoria-logs:v1.43.1-patched
Build provenance
gh attestation verify \ oci://quay.io/verity/victoriametrics/victoria-logs:v1.43.1-patched \ --owner descope
Pre-patch scan
Found 30 vulnerabilit ies in the original image. 30 fixed by Copa.
2CRITICAL4HIGH21MEDIUM3LOW
Vulnerability details
| ID | Package | Installed | Fixed | Severity |
|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | 3.5.4-r0 | 3.5.5-r0 | CRITICAL |
| CVE-2025-15467 | libssl3 | 3.5.4-r0 | 3.5.5-r0 | CRITICAL |
| CVE-2025-69419 | libcrypto3 | 3.5.4-r0 | 3.5.5-r0 | HIGH |
| CVE-2025-69421 | libcrypto3 | 3.5.4-r0 | 3.5.5-r0 | HIGH |
| CVE-2025-69419 | libssl3 | 3.5.4-r0 | 3.5.5-r0 | HIGH |
| CVE-2025-69421 | libssl3 | 3.5.4-r0 | 3.5.5-r0 | HIGH |
| CVE-2024-58251 | busybox | 1.37.0-r19 | 1.37.0-r20 | MEDIUM |
| CVE-2024-58251 | busybox-binsh | 1.37.0-r19 | 1.37.0-r20 | MEDIUM |
| CVE-2025-11187 | libcrypto3 | 3.5.4-r0 | 3.5.5-r0 | MEDIUM |
| CVE-2025-15468 | libcrypto3 | 3.5.4-r0 | 3.5.5-r0 | MEDIUM |
| CVE-2025-15469 | libcrypto3 | 3.5.4-r0 | 3.5.5-r0 | MEDIUM |
| CVE-2025-66199 | libcrypto3 | 3.5.4-r0 | 3.5.5-r0 | MEDIUM |
| CVE-2025-68160 | libcrypto3 | 3.5.4-r0 | 3.5.5-r0 | MEDIUM |
| CVE-2025-69418 | libcrypto3 | 3.5.4-r0 | 3.5.5-r0 | MEDIUM |
| CVE-2025-69420 | libcrypto3 | 3.5.4-r0 | 3.5.5-r0 | MEDIUM |
| CVE-2026-22795 | libcrypto3 | 3.5.4-r0 | 3.5.5-r0 | MEDIUM |
| CVE-2026-22796 | libcrypto3 | 3.5.4-r0 | 3.5.5-r0 | MEDIUM |
| CVE-2025-11187 | libssl3 | 3.5.4-r0 | 3.5.5-r0 | MEDIUM |
| CVE-2025-15468 | libssl3 | 3.5.4-r0 | 3.5.5-r0 | MEDIUM |
| CVE-2025-15469 | libssl3 | 3.5.4-r0 | 3.5.5-r0 | MEDIUM |
| CVE-2025-66199 | libssl3 | 3.5.4-r0 | 3.5.5-r0 | MEDIUM |
| CVE-2025-68160 | libssl3 | 3.5.4-r0 | 3.5.5-r0 | MEDIUM |
| CVE-2025-69418 | libssl3 | 3.5.4-r0 | 3.5.5-r0 | MEDIUM |
| CVE-2025-69420 | libssl3 | 3.5.4-r0 | 3.5.5-r0 | MEDIUM |
| CVE-2026-22795 | libssl3 | 3.5.4-r0 | 3.5.5-r0 | MEDIUM |
| CVE-2026-22796 | libssl3 | 3.5.4-r0 | 3.5.5-r0 | MEDIUM |
| CVE-2024-58251 | ssl_client | 1.37.0-r19 | 1.37.0-r20 | MEDIUM |
| CVE-2025-46394 | busybox | 1.37.0-r19 | 1.37.0-r20 | LOW |
| CVE-2025-46394 | busybox-binsh | 1.37.0-r19 | 1.37.0-r20 | LOW |
| CVE-2025-46394 | ssl_client | 1.37.0-r19 | 1.37.0-r20 | LOW |
Original image reference
victoriametrics/victoria-logs:v1.43.1