Description:
During container image security scanning, multiple vulnerabilities were identified in the CSI sidecar images used by Trident-related components. These vulnerabilities are detected in the sig-storage CSI containers used in our Kubernetes/EKS environment.
Affected Images and CVEs
Image: sig-storage-csi-provisioner
Vulnerabilities:
CVE-2025-68121 (Critical)
CVE-2026-24051 (High)
CVE-2025-61726 (High)
CVE-2025-61730 (Medium)
Total: 4 vulnerabilities
Image: sig-storage-csi-node-driver-registrar
Vulnerabilities:
CVE-2025-68121 (Critical)
CVE-2025-61726 (High)
CVE-2025-61730 (Medium)
Total: 3 vulnerabilities
Image: sig-storage-csi-resizer
Vulnerabilities:
CVE-2025-68121 (Critical)
CVE-2026-24051 (High)
CVE-2025-61726 (High)
CVE-2025-61730 (Medium)
CVE-2025-61724 (Medium)
Total: 5 vulnerabilities
Environment Details
Platform: Kubernetes / Amazon EKS
Scanner: Twistlock container scan
Component Type: CSI sidecar containers used by Trident
Request
Please review the listed vulnerabilities affecting the CSI sidecar images and advise on:
Supported or patched image versions that address these CVEs.
Recommended upgrade path for Trident deployments.
Any mitigation steps until patched images are available.
These vulnerabilities appear to originate from dependencies (including Go-based libraries) used by the CSI components.
Kindly provide guidance on the appropriate remediation steps.