Technical advisories report major issues with CockroachDB that may impact security or stability in production environments.

Users are invited to evaluate advisories and consider the recommended mitigation actions independently from their version upgrade schedule.

Advisory Summary Affected versions Date
A-44299 Schema changes may cause cluster unavailability 19.1.0-19.1.7, 19.2.0-19.2.3 Feb 12, 2020
A-44348 Data leak in statement details 2.1.0-2.1.11, 19.1.0-19.1.7, 19.2.0-19.2.3 Feb 12, 2020
A-44166 SHOW JOBS and Jobs page can endanger cluster stability 19.2.0-19.2.2 Feb 12, 2020
A-43870 HTTP authentication for non-Enterprise users 2.1.10-onward, 19.1.6-onward, 19.2.2 Jan 22, 2020
A-42567 HTTP endpoint vulnerability 2.1.0-2.1.8, 19.1.0-19.1.5, 19.2.0-19.2.1 Jan 22, 2020
A-30821 Authentication bypass for internal RPCs 1.1.0-1.1.8, 2.0.0-2.0.4 Oct 1, 2018


Yes No