Gloo container images are scanned using Trivy for HIGH and CRITICAL vulnerabilities. To learn more about how Solo.io detects, tracks, and remediates CVEs, see CVE lifecycle handling.

Latest 1.17.x Gloo Enterprise Release: 1.17.3

Gloo Enterprise rate-limit-ee image

No scan found

Gloo Enterprise gloo-ee image

No scan found

Gloo Enterprise gloo-ee-envoy-wrapper image

No scan found

Gloo Enterprise observability-ee image

No scan found

Gloo Enterprise extauth-ee image

No scan found

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No scan found

Gloo Enterprise gloo-fed-apiserver image

No scan found

Gloo Enterprise gloo-fed-apiserver-envoy image

No scan found

Gloo Enterprise gloo-federation-console image

No scan found

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No scan found

Release 1.17.2

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.17.2 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.17.2 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.17.2 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.17.2 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.17.2 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.17.2 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.17.2 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.17.2 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.17.2 (alpine 3.18.6)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.17.2 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.17.1

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.17.1 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.17.1 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.17.1 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.17.1 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.17.1 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.17.1 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.17.1 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.17.1 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.17.1 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-45490libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.17.1 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.17.0

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.17.0 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.17.0 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.17.0 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.17.0 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.17.0 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.17.0 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.17.0 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.17.0 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.17.0 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-2398curlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.17.0 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Latest 1.16.x Gloo Enterprise Release: 1.16.15

Gloo Enterprise rate-limit-ee image

No scan found

Gloo Enterprise gloo-ee image

No scan found

Gloo Enterprise gloo-ee-envoy-wrapper image

No scan found

Gloo Enterprise observability-ee image

No scan found

Gloo Enterprise extauth-ee image

No scan found

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No scan found

Gloo Enterprise gloo-fed-apiserver image

No scan found

Gloo Enterprise gloo-fed-apiserver-envoy image

No scan found

Gloo Enterprise gloo-federation-console image

No scan found

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No scan found

Release 1.16.14

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.14 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.14 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.14 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.14 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.14 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.14 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.14 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.14 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.14 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-45490libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.14 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.16.13

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.13 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.13 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.13 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.13 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.13 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.13 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.13 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.13 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.13 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-45490libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.13 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.16.12

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.12 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.12 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.12 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.12 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.12 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.12 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.12 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.12 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.12 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-2398curlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.12 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.16.11

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.11 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.11 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.11 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.11 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.11 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.11 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.11 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.11 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.11 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-2398curlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.11 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
Release 1.16.10

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.10 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.10 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.10 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.10 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.10 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.10 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.10 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.10 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.10 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-2398curlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.10 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
Release 1.16.9

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.9 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.9 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.9 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.9 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.9 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.9 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.9 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.9 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.9 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-2398curlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.9 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
Release 1.16.8

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.8 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.8 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.8 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.8 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.8 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.8 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.8 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.8 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.8 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-2398curlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.8 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
Release 1.16.7

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.7 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.7 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.7 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.7 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.7 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.7 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.7 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.7 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.7 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-2398curlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.7 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
Release 1.16.6

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.6 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.6 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.6 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.6 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.6 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.6 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.6 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.6 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.6 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-2398curlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.6 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.16.5

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.5 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.81.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.81.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.5 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.81.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.81.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.5 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.5 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.5 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.81.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.81.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.5 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.81.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.81.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.5 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.81.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.81.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.5 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.5 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-2398curlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.5 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.16.4

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.4 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.81.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.81.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.4 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.81.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.81.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.4 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.4 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.4 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.81.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.81.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.4 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.81.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.81.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.4 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.81.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.81.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.4 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.4 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-2398curlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.6.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2024-28757libexpatHIGH2.6.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.4 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.16.3

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.3 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.3 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.3 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.3 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.3 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.3 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.3 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.3 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.3 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-2398curlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.6.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2024-28757libexpatHIGH2.6.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.3 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.16.2

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.2 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.2 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.2 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.2 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.2 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.2 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.2 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.2 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.2 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-2398curlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.6.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2024-28757libexpatHIGH2.6.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.2 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.16.1

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.1 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.61.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.61.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.1 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.61.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.61.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.1 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.1 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.1 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.61.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.61.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.1 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.61.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.61.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.1 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.61.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.61.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.1 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.1 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-2398curlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r12.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r12.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r12.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r12.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r12.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2024-25062libxml2HIGH2.11.6-r02.11.7-r0https://avd.aquasec.com/nvd/cve-2024-25062

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.1 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.16.0

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.0 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.61.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.61.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.0 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.61.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.61.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.0 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.0 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.0 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.61.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.61.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.0 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.61.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.61.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.0 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.61.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.61.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.0 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.0 (alpine 3.18.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-2398curlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r12.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r12.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r12.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r12.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r12.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2024-25062libxml2HIGH2.11.6-r02.11.7-r0https://avd.aquasec.com/nvd/cve-2024-25062

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.0 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Latest 1.15.x Gloo Enterprise Release: 1.15.22

Gloo Enterprise rate-limit-ee image

No scan found

Gloo Enterprise gloo-ee image

No scan found

Gloo Enterprise gloo-ee-envoy-wrapper image

No scan found

Gloo Enterprise observability-ee image

No scan found

Gloo Enterprise extauth-ee image

No scan found

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No scan found

Gloo Enterprise gloo-fed-apiserver image

No scan found

Gloo Enterprise gloo-fed-apiserver-envoy image

No scan found

Gloo Enterprise gloo-federation-console image

No scan found

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No scan found

Release 1.15.21

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.21 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.21 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.21 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.21 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.21 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.21 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.21 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.21 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.21 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-45490libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.21 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.15.20

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.20 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.20 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.20 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.20 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.20 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.20 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.20 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.20 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.20 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-2398curlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.20 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
Release 1.15.19

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.19 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.19 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.19 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.19 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.19 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.19 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.19 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.19 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.19 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-2398curlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.19 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
Release 1.15.18

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.18 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.18 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.18 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.18 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.18 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.18 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.18 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.18 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.18 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-2398curlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.18 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
Release 1.15.17

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.17 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.17 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.17 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.17 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.17 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.17 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.17 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.17 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.17 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-2398curlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.17 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
Release 1.15.16

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.16 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.16 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.16 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.16 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.16 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.16 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.16 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.16 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.16 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-2398curlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.16 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
Release 1.15.15

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.15 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.81.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.81.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.15 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.81.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.81.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.15 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.15 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.15 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.81.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.81.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.15 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.81.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.81.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.15 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.81.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.81.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.15 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.15 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-2398curlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.15 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.15.14

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.14 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.14 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.14 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.14 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.14 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.14 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.14 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.14 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.14 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-2398curlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.6.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2024-28757libexpatHIGH2.6.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.14 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.15.13

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.13 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.13 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.13 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.13 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.13 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.13 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.13 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.13 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.13 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-2398curlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.6.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2024-28757libexpatHIGH2.6.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.13 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.15.12

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.12 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.61.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.61.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.12 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.61.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.61.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.12 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.12 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.12 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.61.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.61.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.12 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.61.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.61.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.12 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.61.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.61.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.12 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.12 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-2398curlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r12.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r12.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r12.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r12.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r12.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2024-25062libxml2HIGH2.11.6-r02.11.7-r0https://avd.aquasec.com/nvd/cve-2024-25062

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.12 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.15.11

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.11 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.61.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.61.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.11 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.61.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.61.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.11 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.11 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.11 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.61.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.61.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.11 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.61.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.61.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.11 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.61.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.61.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.11 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.11 (alpine 3.18.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-2398curlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r12.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r12.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r12.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r12.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r12.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2024-25062libxml2HIGH2.11.6-r02.11.7-r0https://avd.aquasec.com/nvd/cve-2024-25062

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.11 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.15.10

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.10 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.10 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.10 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.10 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.10 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.10 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.10 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.10 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.10 (alpine 3.18.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-2398curlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r12.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r12.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r12.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r12.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r12.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2024-25062libxml2HIGH2.11.6-r02.11.7-r0https://avd.aquasec.com/nvd/cve-2024-25062

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.10 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.15.9

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.9 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.20.121.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.121.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.9 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.20.121.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.121.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.9 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.20.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283stdlibHIGH1.20.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.9 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.20.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283stdlibHIGH1.20.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.9 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.20.121.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.121.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.9 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.20.121.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.121.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.9 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.20.121.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.121.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.9 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.9 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-2398curlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r02.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.9 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.20.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283stdlibHIGH1.20.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.15.8

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.8 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.20.111.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.111.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.8 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.20.111.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.111.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.8 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.20.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283stdlibHIGH1.20.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.8 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.20.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283stdlibHIGH1.20.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.8 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.20.111.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.111.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.8 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.20.111.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.111.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.8 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.20.111.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.111.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.8 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.8 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-2398curlHIGH8.4.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.4.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398libcurlHIGH8.4.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.4.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r02.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.8 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.20.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283stdlibHIGH1.20.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.15.7

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.7 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.14.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2024-24790stdlibCRITICAL1.20.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283stdlibHIGH1.20.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.7 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.14.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2024-24790stdlibCRITICAL1.20.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283stdlibHIGH1.20.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.7 (ubuntu 20.04)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-44487libnghttp2-14HIGH1.40.0-1ubuntu0.11.40.0-1ubuntu0.2https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.14.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2024-24790stdlibCRITICAL1.20.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283stdlibHIGH1.20.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.7 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.14.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2024-24790stdlibCRITICAL1.20.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283stdlibHIGH1.20.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.7 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.14.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2024-24790stdlibCRITICAL1.20.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283stdlibHIGH1.20.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.7 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.14.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2024-24790stdlibCRITICAL1.20.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283stdlibHIGH1.20.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.7 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.14.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2024-24790stdlibCRITICAL1.20.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283stdlibHIGH1.20.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.7 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.7 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-2398curlHIGH8.4.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.4.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398libcurlHIGH8.4.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.4.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r02.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.7 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.14.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2024-24790stdlibCRITICAL1.20.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283stdlibHIGH1.20.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.15.6

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.15.6 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283stdlibHIGH1.20.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.6 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283stdlibHIGH1.20.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.6 (ubuntu 20.04)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-44487libnghttp2-14HIGH1.40.0-1ubuntu0.11.40.0-1ubuntu0.2https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283stdlibHIGH1.20.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.15.6 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283stdlibHIGH1.20.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.15.6 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283stdlibHIGH1.20.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.15.6 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283stdlibHIGH1.20.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.6 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283stdlibHIGH1.20.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.6 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.6 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-2398curlHIGH8.4.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.4.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2024-2398libcurlHIGH8.4.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.4.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r02.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-43787libx11HIGH1.8.4-r11.8.7-r0https://avd.aquasec.com/nvd/cve-2023-43787

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.6 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283stdlibHIGH1.20.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.15.5

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.5 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.5 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.5 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.5 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.5 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.5 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.5 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.5 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.15.5 (alpine 3.17.3)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.5 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.15.4

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.15.4 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.91.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.91.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.91.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.4 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.91.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.91.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.91.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.4 (ubuntu 20.04)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-44487libnghttp2-14HIGH1.40.0-1ubuntu0.11.40.0-1ubuntu0.2https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.15.4 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.15.4 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.91.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.91.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.91.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.15.4 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.91.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.91.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.91.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.4 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.91.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.91.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.91.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.4 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.4 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-38545curlCRITICAL8.3.0-r08.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2024-2398curlHIGH8.3.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.3.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545libcurlCRITICAL8.3.0-r08.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2024-2398libcurlHIGH8.3.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.3.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r02.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-43787libx11HIGH1.8.4-r11.8.7-r0https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-44487nghttp2-libsHIGH1.51.0-r11.51.0-r2https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.4 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.15.3

Gloo Enterprise rate-limit-ee image

No scan found

Gloo Enterprise gloo-ee image

No scan found

Gloo Enterprise gloo-ee-envoy-wrapper image

No scan found

Gloo Enterprise observability-ee image

No scan found

Gloo Enterprise extauth-ee image

No scan found

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No scan found

Gloo Enterprise gloo-fed-apiserver image

No scan found

Gloo Enterprise gloo-fed-apiserver-envoy image

No scan found

Gloo Enterprise gloo-federation-console image

No scan found

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No scan found

Release 1.15.2

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.15.2 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.81.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.81.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.81.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.81.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.15.2 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.81.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.81.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.81.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.81.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.2 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-32002gitCRITICAL2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32002
CVE-2024-32004gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32004
CVE-2024-32465gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32465
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545libcurlCRITICAL8.2.1-r08.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039libcurlHIGH8.2.1-r08.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398libcurlHIGH8.2.1-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.2.1-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r02.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-44487nghttp2-libsHIGH1.51.0-r11.51.0-r2https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.15.2 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.15.2 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.81.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.81.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.81.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.81.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.15.2 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.81.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.81.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.81.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.81.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.15.2 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.81.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.81.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.81.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.81.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.2 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.2 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-38545curlCRITICAL8.2.1-r08.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039curlHIGH8.2.1-r08.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398curlHIGH8.2.1-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.2.1-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545libcurlCRITICAL8.2.1-r08.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039libcurlHIGH8.2.1-r08.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398libcurlHIGH8.2.1-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.2.1-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r02.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-4863libwebpHIGH1.2.4-r21.2.4-r3https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2023-43787libx11HIGH1.8.4-r11.8.7-r0https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-44487nghttp2-libsHIGH1.51.0-r11.51.0-r2https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.2 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.15.1

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.15.1 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.15.1 (alpine 3.17.4)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.1 (alpine 3.17.4)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-32002gitCRITICAL2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32002
CVE-2024-32004gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32004
CVE-2024-32465gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32465
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545libcurlCRITICAL8.2.1-r08.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039libcurlHIGH8.2.1-r08.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398libcurlHIGH8.2.1-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.2.1-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r02.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-44487nghttp2-libsHIGH1.51.0-r11.51.0-r2https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.15.1 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.15.1 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.15.1 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.15.1 (alpine 3.17.4)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.1 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.1 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-38545curlCRITICAL8.2.1-r08.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039curlHIGH8.2.1-r08.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398curlHIGH8.2.1-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.2.1-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545libcurlCRITICAL8.2.1-r08.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039libcurlHIGH8.2.1-r08.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398libcurlHIGH8.2.1-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.2.1-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r02.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-4863libwebpHIGH1.2.4-r21.2.4-r3https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2023-43787libx11HIGH1.8.4-r11.8.7-r0https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-44487nghttp2-libsHIGH1.51.0-r11.51.0-r2https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.1 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.15.0

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.15.0 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.15.0 (alpine 3.17.4)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.0 (alpine 3.17.4)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-32002gitCRITICAL2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32002
CVE-2024-32004gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32004
CVE-2024-32465gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32465
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545libcurlCRITICAL8.2.1-r08.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039libcurlHIGH8.2.1-r08.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398libcurlHIGH8.2.1-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.2.1-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r02.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-44487nghttp2-libsHIGH1.51.0-r11.51.0-r2https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.15.0 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.15.0 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.15.0 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.15.0 (alpine 3.17.4)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.0 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.0 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-38545curlCRITICAL8.2.1-r08.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039curlHIGH8.2.1-r08.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398curlHIGH8.2.1-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.2.1-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545libcurlCRITICAL8.2.1-r08.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039libcurlHIGH8.2.1-r08.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398libcurlHIGH8.2.1-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.2.1-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r02.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-4863libwebpHIGH1.2.4-r21.2.4-r3https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2023-43787libx11HIGH1.8.4-r11.8.7-r0https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-44487nghttp2-libsHIGH1.51.0-r11.51.0-r2https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.0 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.11.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Latest 1.14.x Gloo Enterprise Release: 1.14.23

Gloo Enterprise rate-limit-ee image

No scan found

Gloo Enterprise gloo-ee image

No scan found

Gloo Enterprise gloo-ee-envoy-wrapper image

No scan found

Gloo Enterprise observability-ee image

No scan found

Gloo Enterprise extauth-ee image

No scan found

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No scan found

Gloo Enterprise gloo-fed-apiserver image

No scan found

Gloo Enterprise gloo-fed-apiserver-envoy image

No scan found

Gloo Enterprise gloo-federation-console image

No scan found

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No scan found

Release 1.14.22

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.14.22 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.14.22 (alpine 3.17.5)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.22 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-32002gitCRITICAL2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32002
CVE-2024-32004gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32004
CVE-2024-32465gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32465
CVE-2024-45490libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.14.22 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.14.22 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.14.22 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.14.22 (alpine 3.17.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.22 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.14.22 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-45490libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.22 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.14.21

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.14.21 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.14.21 (alpine 3.17.5)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.21 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-32002gitCRITICAL2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32002
CVE-2024-32004gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32004
CVE-2024-32465gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32465
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.14.21 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.14.21 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.14.21 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.14.21 (alpine 3.17.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.21 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.14.21 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-2398curlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.21 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
Release 1.14.20

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.14.20 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.14.20 (alpine 3.17.5)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.20.121.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.121.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.20 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-32002gitCRITICAL2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32002
CVE-2024-32004gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32004
CVE-2024-32465gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32465
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.14.20 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.14.20 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.14.20 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.20.121.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.121.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.14.20 (alpine 3.17.5)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.20.121.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.121.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.20 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.14.20 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-2398curlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.20 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
Release 1.14.19

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.14.19 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.14.19 (alpine 3.17.5)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.20.121.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.121.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.19 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-32002gitCRITICAL2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32002
CVE-2024-32004gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32004
CVE-2024-32465gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32465
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.14.19 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.14.19 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.14.19 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.20.121.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.121.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.14.19 (alpine 3.17.5)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.20.121.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.121.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.19 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.14.19 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-2398curlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.19 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.91.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
Release 1.14.18

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.14.18 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.20.121.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.121.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.14.18 (alpine 3.17.5)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.20.121.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.121.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.18 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-32002gitCRITICAL2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32002
CVE-2024-32004gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32004
CVE-2024-32465gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32465
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.14.18 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.14.18 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.20.121.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.121.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.14.18 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.20.121.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.121.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.14.18 (alpine 3.17.5)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.20.121.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.121.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.18 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.14.18 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-2398curlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.18 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.14.17

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.14.17 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.20.121.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.121.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.14.17 (alpine 3.17.5)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.20.121.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.121.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.17 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-32002gitCRITICAL2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32002
CVE-2024-32004gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32004
CVE-2024-32465gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32465
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.14.17 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.14.17 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.20.121.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.121.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.14.17 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.20.121.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.121.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.14.17 (alpine 3.17.5)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.20.121.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.121.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.17 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.14.17 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-2398curlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.17 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.14.16

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.14.16 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.20.121.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.121.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.14.16 (alpine 3.17.5)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.20.121.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.121.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.16 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-32002gitCRITICAL2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32002
CVE-2024-32004gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32004
CVE-2024-32465gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32465
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.14.16 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.14.16 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.20.121.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.121.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.14.16 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.20.121.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.121.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.14.16 (alpine 3.17.5)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.20.121.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.121.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.16 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.14.16 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-2398curlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.2-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.16 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.14.15

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.14.15 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.20.121.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.121.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.14.15 (alpine 3.17.5)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.20.121.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.121.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.15 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-32002gitCRITICAL2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32002
CVE-2024-32004gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32004
CVE-2024-32465gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32465
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.6.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2024-28757libexpatHIGH2.6.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.14.15 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.14.15 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.20.121.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.121.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.14.15 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.20.121.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.121.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.14.15 (alpine 3.17.5)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.20.121.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.121.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.15 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.14.15 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-2398curlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.6.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.6.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.6.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2024-28757libexpatHIGH2.6.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.15 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.14.14

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.14.14 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.20.121.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.121.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.14.14 (alpine 3.17.5)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.20.121.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.121.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.14 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-32002gitCRITICAL2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32002
CVE-2024-32004gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32004
CVE-2024-32465gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32465
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r02.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.14.14 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.14.14 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.20.121.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.121.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.14.14 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.20.121.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.121.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.14.14 (alpine 3.17.5)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.20.121.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.20.121.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.14 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.14.14 (alpine 3.18.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-2398curlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398libcurlHIGH8.5.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.5.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r12.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r12.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r12.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r12.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r12.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2024-25062libxml2HIGH2.11.6-r02.11.7-r0https://avd.aquasec.com/nvd/cve-2024-25062

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.14 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.14.13

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.14.13 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.14.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.14.13 (alpine 3.17.5)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.14.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.13 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-32002gitCRITICAL2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32002
CVE-2024-32004gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32004
CVE-2024-32465gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32465
CVE-2024-2398libcurlHIGH8.4.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.4.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r02.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.14.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2024-24790stdlibCRITICAL1.20.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283stdlibHIGH1.20.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.14.13 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.14.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2024-24790stdlibCRITICAL1.20.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283stdlibHIGH1.20.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.14.13 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.14.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.14.13 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.14.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.14.13 (alpine 3.17.5)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.14.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.13 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.14.13 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-2398curlHIGH8.4.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.4.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398libcurlHIGH8.4.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.4.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r02.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.13 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.14.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2024-24790stdlibCRITICAL1.20.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283stdlibHIGH1.20.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.14.12

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.14.12 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.14.12 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.12 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-32002gitCRITICAL2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32002
CVE-2024-32004gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32004
CVE-2024-32465gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32465
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2024-2398libcurlHIGH8.4.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.4.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r02.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283stdlibHIGH1.20.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.14.12 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283stdlibHIGH1.20.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.14.12 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.14.12 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.14.12 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.12 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.14.12 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-2398curlHIGH8.4.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.4.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2024-2398libcurlHIGH8.4.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.4.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r02.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-43787libx11HIGH1.8.4-r11.8.7-r0https://avd.aquasec.com/nvd/cve-2023-43787

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.12 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283stdlibHIGH1.20.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.14.11

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.14.11 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.14.11 (alpine 3.17.5)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.11 (alpine 3.17.5)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.14.11 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.14.11 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.14.11 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.14.11 (alpine 3.17.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.11 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.14.11 (alpine 3.17.3)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.11 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.14.10

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.14.10 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.14.10 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.10 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-32002gitCRITICAL2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32002
CVE-2024-32004gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32004
CVE-2024-32465gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32465
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545libcurlCRITICAL8.3.0-r08.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2024-2398libcurlHIGH8.3.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.3.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r02.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-44487nghttp2-libsHIGH1.51.0-r11.51.0-r2https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.14.10 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.14.10 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.14.10 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.14.10 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.10 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.14.10 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-38545curlCRITICAL8.3.0-r08.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2024-2398curlHIGH8.3.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.3.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545libcurlCRITICAL8.3.0-r08.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2024-2398libcurlHIGH8.3.0-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.3.0-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r02.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-43787libx11HIGH1.8.4-r11.8.7-r0https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-44487nghttp2-libsHIGH1.51.0-r11.51.0-r2https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.10 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.14.9

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.14.9 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.14.9 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.9 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-32002gitCRITICAL2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32002
CVE-2024-32004gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32004
CVE-2024-32465gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32465
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545libcurlCRITICAL8.2.1-r08.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039libcurlHIGH8.2.1-r08.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398libcurlHIGH8.2.1-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.2.1-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r02.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-44487nghttp2-libsHIGH1.51.0-r11.51.0-r2https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.14.9 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.14.9 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.14.9 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.14.9 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.9 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.14.9 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-38545curlCRITICAL8.2.1-r08.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039curlHIGH8.2.1-r08.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398curlHIGH8.2.1-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.2.1-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545libcurlCRITICAL8.2.1-r08.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039libcurlHIGH8.2.1-r08.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398libcurlHIGH8.2.1-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.2.1-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r02.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-4863libwebpHIGH1.2.4-r21.2.4-r3https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2023-43787libx11HIGH1.8.4-r11.8.7-r0https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-44487nghttp2-libsHIGH1.51.0-r11.51.0-r2https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.9 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.14.8

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.14.8 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.14.8 (alpine 3.17.4)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.8 (alpine 3.17.4)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-32002gitCRITICAL2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32002
CVE-2024-32004gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32004
CVE-2024-32465gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32465
CVE-2023-5363libcrypto3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545libcurlCRITICAL8.2.1-r08.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039libcurlHIGH8.2.1-r08.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398libcurlHIGH8.2.1-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.2.1-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r02.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363libssl3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-44487nghttp2-libsHIGH1.51.0-r11.51.0-r2https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.14.8 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.14.8 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.14.8 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.14.8 (alpine 3.17.4)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.8 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.14.8 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-38545curlCRITICAL8.2.1-r08.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039curlHIGH8.2.1-r08.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398curlHIGH8.2.1-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.2.1-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2023-5363libcrypto3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545libcurlCRITICAL8.2.1-r08.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039libcurlHIGH8.2.1-r08.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398libcurlHIGH8.2.1-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.2.1-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r02.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363libssl3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-4863libwebpHIGH1.2.4-r21.2.4-r3https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2023-43787libx11HIGH1.8.4-r11.8.7-r0https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-44487nghttp2-libsHIGH1.51.0-r11.51.0-r2https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.8 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.14.7

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.14.7 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.14.7 (alpine 3.17.4)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.7 (alpine 3.17.4)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-32002gitCRITICAL2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32002
CVE-2024-32004gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32004
CVE-2024-32465gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32465
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545libcurlCRITICAL8.1.2-r08.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039libcurlHIGH8.1.2-r08.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398libcurlHIGH8.1.2-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.1.2-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r02.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-35945nghttp2-libsHIGH1.51.0-r01.51.0-r1https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487nghttp2-libsHIGH1.51.0-r01.51.0-r2https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.14.7 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.14.7 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.14.7 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.14.7 (alpine 3.17.4)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.7 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.14.7 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-38545curlCRITICAL8.1.2-r08.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039curlHIGH8.1.2-r08.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398curlHIGH8.1.2-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.1.2-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545libcurlCRITICAL8.1.2-r08.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039libcurlHIGH8.1.2-r08.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398libcurlHIGH8.1.2-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.1.2-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r02.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-4863libwebpHIGH1.2.4-r21.2.4-r3https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2023-43787libx11HIGH1.8.4-r11.8.7-r0https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-35945nghttp2-libsHIGH1.51.0-r01.51.0-r1https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487nghttp2-libsHIGH1.51.0-r01.51.0-r2https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.7 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.14.6

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.14.6 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.14.6 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.6 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-32002gitCRITICAL2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32002
CVE-2024-32004gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32004
CVE-2024-32465gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32465
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545libcurlCRITICAL8.1.2-r08.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039libcurlHIGH8.1.2-r08.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398libcurlHIGH8.1.2-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.1.2-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r02.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-35945nghttp2-libsHIGH1.51.0-r01.51.0-r1https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487nghttp2-libsHIGH1.51.0-r01.51.0-r2https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.14.6 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.14.6 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.14.6 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.14.6 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.6 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.14.6 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-38545curlCRITICAL8.1.2-r08.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039curlHIGH8.1.2-r08.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398curlHIGH8.1.2-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.1.2-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545libcurlCRITICAL8.1.2-r08.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039libcurlHIGH8.1.2-r08.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398libcurlHIGH8.1.2-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.1.2-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r02.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-4863libwebpHIGH1.2.4-r21.2.4-r3https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2023-43787libx11HIGH1.8.4-r11.8.7-r0https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-35945nghttp2-libsHIGH1.51.0-r01.51.0-r1https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487nghttp2-libsHIGH1.51.0-r01.51.0-r2https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.6 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.14.5

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.14.5 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.14.5 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.5 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-32002gitCRITICAL2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32002
CVE-2024-32004gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32004
CVE-2024-32465gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32465
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545libcurlCRITICAL8.1.2-r08.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039libcurlHIGH8.1.2-r08.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398libcurlHIGH8.1.2-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.1.2-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r02.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-35945nghttp2-libsHIGH1.51.0-r01.51.0-r1https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487nghttp2-libsHIGH1.51.0-r01.51.0-r2https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.14.5 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.14.5 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.14.5 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.14.5 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.5 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.14.5 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-38545curlCRITICAL8.1.2-r08.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039curlHIGH8.1.2-r08.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398curlHIGH8.1.2-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.1.2-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545libcurlCRITICAL8.1.2-r08.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039libcurlHIGH8.1.2-r08.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398libcurlHIGH8.1.2-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.1.2-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r02.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-4863libwebpHIGH1.2.4-r21.2.4-r3https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2023-3138libx11HIGH1.8.4-r01.8.4-r1https://avd.aquasec.com/nvd/cve-2023-3138
CVE-2023-43787libx11HIGH1.8.4-r01.8.7-r0https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-35945nghttp2-libsHIGH1.51.0-r01.51.0-r1https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487nghttp2-libsHIGH1.51.0-r01.51.0-r2https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.5 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.14.4

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.14.4 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.14.4 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.4 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-32002gitCRITICAL2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32002
CVE-2024-32004gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32004
CVE-2024-32465gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32465
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545libcurlCRITICAL8.1.2-r08.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039libcurlHIGH8.1.2-r08.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398libcurlHIGH8.1.2-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.1.2-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r02.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-35945nghttp2-libsHIGH1.51.0-r01.51.0-r1https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487nghttp2-libsHIGH1.51.0-r01.51.0-r2https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.14.4 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.14.4 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.14.4 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.14.4 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.4 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.14.4 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-38545curlCRITICAL8.1.2-r08.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039curlHIGH8.1.2-r08.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398curlHIGH8.1.2-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.1.2-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545libcurlCRITICAL8.1.2-r08.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039libcurlHIGH8.1.2-r08.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398libcurlHIGH8.1.2-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.1.2-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r02.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-4863libwebpHIGH1.2.4-r21.2.4-r3https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2023-3138libx11HIGH1.8.4-r01.8.4-r1https://avd.aquasec.com/nvd/cve-2023-3138
CVE-2023-43787libx11HIGH1.8.4-r01.8.7-r0https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-35945nghttp2-libsHIGH1.51.0-r01.51.0-r1https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487nghttp2-libsHIGH1.51.0-r01.51.0-r2https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.4 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.14.3

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.14.3 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.14.3 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.3 (alpine 3.17.3)

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.14.3 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.14.3 (alpine 3.17.3)

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.14.3 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.14.3 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.3 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.14.3 (alpine 3.17.3)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.3 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.14.2

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.14.2 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.14.2 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.2 (alpine 3.17.3)

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.14.2 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.14.2 (alpine 3.17.3)

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.14.2 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.14.2 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.2 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.14.2 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-1999libwebpHIGH1.2.4-r11.2.4-r2https://avd.aquasec.com/nvd/cve-2023-1999
CVE-2023-29491ncurses-libsHIGH6.3_p20221119-r06.3_p20221119-r1https://avd.aquasec.com/nvd/cve-2023-29491
CVE-2023-29491ncurses-terminfo-baseHIGH6.3_p20221119-r06.3_p20221119-r1https://avd.aquasec.com/nvd/cve-2023-29491

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.2 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.14.1

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.14.1 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.14.1 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.1 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-32002gitCRITICAL2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32002
CVE-2024-32004gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32004
CVE-2024-32465gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32465
CVE-2023-5363libcrypto3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545libcurlCRITICAL8.0.1-r08.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-28319libcurlHIGH8.0.1-r08.1.0-r0https://avd.aquasec.com/nvd/cve-2023-28319
CVE-2023-38039libcurlHIGH8.0.1-r08.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398libcurlHIGH8.0.1-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.0.1-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r02.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363libssl3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-35945nghttp2-libsHIGH1.51.0-r01.51.0-r1https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487nghttp2-libsHIGH1.51.0-r01.51.0-r2https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.14.1 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.14.1 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.14.1 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.14.1 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.1 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.14.1 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-38545curlCRITICAL8.0.1-r08.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-28319curlHIGH8.0.1-r08.1.0-r0https://avd.aquasec.com/nvd/cve-2023-28319
CVE-2023-38039curlHIGH8.0.1-r08.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398curlHIGH8.0.1-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.0.1-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2023-5363libcrypto3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545libcurlCRITICAL8.0.1-r08.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-28319libcurlHIGH8.0.1-r08.1.0-r0https://avd.aquasec.com/nvd/cve-2023-28319
CVE-2023-38039libcurlHIGH8.0.1-r08.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398libcurlHIGH8.0.1-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.0.1-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r02.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363libssl3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-1999libwebpHIGH1.2.4-r11.2.4-r2https://avd.aquasec.com/nvd/cve-2023-1999
CVE-2023-4863libwebpHIGH1.2.4-r11.2.4-r3https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2023-3138libx11HIGH1.8.4-r01.8.4-r1https://avd.aquasec.com/nvd/cve-2023-3138
CVE-2023-43787libx11HIGH1.8.4-r01.8.7-r0https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-29491ncurses-libsHIGH6.3_p20221119-r06.3_p20221119-r1https://avd.aquasec.com/nvd/cve-2023-29491
CVE-2023-29491ncurses-terminfo-baseHIGH6.3_p20221119-r06.3_p20221119-r1https://avd.aquasec.com/nvd/cve-2023-29491
CVE-2023-35945nghttp2-libsHIGH1.51.0-r01.51.0-r1https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487nghttp2-libsHIGH1.51.0-r01.51.0-r2https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.1 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.14.0

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.14.0 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.14.0 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.0 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-32002gitCRITICAL2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32002
CVE-2024-32004gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32004
CVE-2024-32465gitHIGH2.38.5-r02.39.5-r0https://avd.aquasec.com/nvd/cve-2024-32465
CVE-2023-5363libcrypto3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545libcurlCRITICAL8.0.1-r08.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-28319libcurlHIGH8.0.1-r08.1.0-r0https://avd.aquasec.com/nvd/cve-2023-28319
CVE-2023-38039libcurlHIGH8.0.1-r08.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398libcurlHIGH8.0.1-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.0.1-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r02.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363libssl3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-35945nghttp2-libsHIGH1.51.0-r01.51.0-r1https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487nghttp2-libsHIGH1.51.0-r01.51.0-r2https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.14.0 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.14.0 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.14.0 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.14.0 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.8-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.8-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.0 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.14.0 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-38545curlCRITICAL8.0.1-r08.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-28319curlHIGH8.0.1-r08.1.0-r0https://avd.aquasec.com/nvd/cve-2023-28319
CVE-2023-38039curlHIGH8.0.1-r08.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398curlHIGH8.0.1-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197curlHIGH8.0.1-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2023-5363libcrypto3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545libcurlCRITICAL8.0.1-r08.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-28319libcurlHIGH8.0.1-r08.1.0-r0https://avd.aquasec.com/nvd/cve-2023-28319
CVE-2023-38039libcurlHIGH8.0.1-r08.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398libcurlHIGH8.0.1-r08.7.1-r0https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197libcurlHIGH8.0.1-r08.9.0-r0https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45490libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-45491libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492libexpatCRITICAL2.5.0-r02.6.3-r0https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425libexpatHIGH2.5.0-r02.6.0-r0https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757libexpatHIGH2.5.0-r02.6.2-r0https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363libssl3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-1999libwebpHIGH1.2.4-r11.2.4-r2https://avd.aquasec.com/nvd/cve-2023-1999
CVE-2023-4863libwebpHIGH1.2.4-r11.2.4-r3https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2023-3138libx11HIGH1.8.4-r01.8.4-r1https://avd.aquasec.com/nvd/cve-2023-3138
CVE-2023-43787libx11HIGH1.8.4-r01.8.7-r0https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-29491ncurses-libsHIGH6.3_p20221119-r06.3_p20221119-r1https://avd.aquasec.com/nvd/cve-2023-29491
CVE-2023-29491ncurses-terminfo-baseHIGH6.3_p20221119-r06.3_p20221119-r1https://avd.aquasec.com/nvd/cve-2023-29491
CVE-2023-35945nghttp2-libsHIGH1.51.0-r01.51.0-r1https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487nghttp2-libsHIGH1.51.0-r01.51.0-r2https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.0 (alpine 3.17.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.20.11.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.11.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.11.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288