We are evaluating k3s. As part of security, scanned all the k3s images corresponding to version 1.18.2+k3s1 (698e444). The scanning tool reported below CVE vulnerabilities corresponding to severity level Critical (3) & High(10) (there are additional CVE corresponding to medium/low severity).
Pls clarify if these CVE would be addressed in upcoming release ? Also does k3s images gets scanned during every release ?