Technical advisories report major issues with CockroachDB that may impact security or stability in production environments.
Users are invited to evaluate advisories and consider the recommended mitigation actions independently from their version upgrade schedule.
|A-50587||TRUNCATE prevents table renaming||19.1.0-19.1.10, 19.2.0-19.2.8||July 6, 2020|
|A-48860||Data corruption/loss issue with snapshots and delete range||2.1.0-2.1.9, 19.1.0-19.1.8, 19.2.0-19.2.6||May 20, 2020|
|A-44299||Schema changes may cause cluster unavailability||19.1.0-19.1.7, 19.2.0-19.2.3||Feb 12, 2020|
|A-44348||Data leak in statement details||2.1.0-2.1.11, 19.1.0-19.1.7, 19.2.0-19.2.3||Feb 12, 2020|
||19.2.0-19.2.2||Feb 12, 2020|
|A-43870||HTTP authentication for non-Enterprise users||2.1.10-onward, 19.1.6-onward, 19.2.2||Jan 22, 2020|
|A-42567||HTTP endpoint vulnerability||2.1.0-2.1.8, 19.1.0-19.1.5, 19.2.0-19.2.1||Jan 22, 2020|
|A-30821||Authentication bypass for internal RPCs||1.1.0-1.1.8, 2.0.0-2.0.4||Oct 1, 2018|