Gloo Edge Enterprise
Gloo container images are scanned using Trivy for HIGH and CRITICAL vulnerabilities.
Latest 1.8.x Gloo Enterprise Release: 1.8.12
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.8.12 (alpine 3.13.5)
No Vulnerabilities Found for usr/local/bin/rate-limit
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.8.12 (alpine 3.14.0)
No Vulnerabilities Found for usr/local/bin/gloo
Gloo Enterprise gloo-ee-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.12 (alpine 3.14.0)
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.8.12 (alpine 3.13.5)
No Vulnerabilities Found for usr/local/bin/observability
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.8.12 (alpine 3.13.5)
No Vulnerabilities Found for usr/local/bin/extauth
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.8.12 (alpine 3.13.5)
No Vulnerabilities Found for usr/local/bin/gloo-fed
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.8.12 (alpine 3.13.5)
No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.12 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.8.12 (alpine 3.13.3)
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.12 (alpine 3.13.5)
No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook
Release 1.8.11
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.8.11 (alpine 3.13.5)
No Vulnerabilities Found for usr/local/bin/rate-limit
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.8.11 (alpine 3.14.0)
No Vulnerabilities Found for usr/local/bin/gloo
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.11 (alpine 3.14.0)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-22945 | libcurl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.8.11 (alpine 3.13.5)
No Vulnerabilities Found for usr/local/bin/observability
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.8.11 (alpine 3.13.5)
No Vulnerabilities Found for usr/local/bin/extauth
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.8.11 (alpine 3.13.5)
No Vulnerabilities Found for usr/local/bin/gloo-fed
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.8.11 (alpine 3.13.5)
No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.11 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.8.11 (alpine 3.13.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-22945 | curl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-22945 | libcurl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.11 (alpine 3.13.5)
No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook
Release 1.8.10
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.8.10 (alpine 3.13.5)
No Vulnerabilities Found for usr/local/bin/rate-limit
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.8.10 (alpine 3.14.0)
No Vulnerabilities Found for usr/local/bin/gloo
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.10 (alpine 3.14.0)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-22945 | libcurl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.8.10 (alpine 3.13.5)
No Vulnerabilities Found for usr/local/bin/observability
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.8.10 (alpine 3.13.5)
No Vulnerabilities Found for usr/local/bin/extauth
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.8.10 (alpine 3.13.5)
No Vulnerabilities Found for usr/local/bin/gloo-fed
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.8.10 (alpine 3.13.5)
No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.10 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.8.10 (alpine 3.13.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-22945 | curl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-22945 | libcurl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.10 (alpine 3.13.5)
No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook
Release 1.8.9
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.8.9 (alpine 3.13.5)
No Vulnerabilities Found for usr/local/bin/rate-limit
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.8.9 (alpine 3.14.0)
No Vulnerabilities Found for usr/local/bin/gloo
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.9 (alpine 3.14.0)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-22945 | libcurl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.8.9 (alpine 3.13.5)
No Vulnerabilities Found for usr/local/bin/observability
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.8.9 (alpine 3.13.5)
No Vulnerabilities Found for usr/local/bin/extauth
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.8.9 (alpine 3.13.5)
No Vulnerabilities Found for usr/local/bin/gloo-fed
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.8.9 (alpine 3.13.5)
No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.9 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.8.9 (alpine 3.13.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-22945 | curl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-22945 | libcurl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.9 (alpine 3.13.5)
No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook
Release 1.8.8
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.8.8 (alpine 3.13.5)
No Vulnerabilities Found for usr/local/bin/rate-limit
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.8.8 (alpine 3.14.0)
No Vulnerabilities Found for usr/local/bin/gloo
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.8 (alpine 3.14.0)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-22945 | libcurl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.8.8 (alpine 3.13.5)
No Vulnerabilities Found for usr/local/bin/observability
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.8.8 (alpine 3.13.5)
No Vulnerabilities Found for usr/local/bin/extauth
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.8.8 (alpine 3.13.5)
No Vulnerabilities Found for usr/local/bin/gloo-fed
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.8.8 (alpine 3.13.5)
No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.8 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.8.8 (alpine 3.13.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-22945 | curl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-22945 | libcurl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.8 (alpine 3.13.5)
No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook
Release 1.8.7
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.8.7 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/rate-limit
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.8.7 (alpine 3.14.0)
No Vulnerabilities Found for usr/local/bin/gloo
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.7 (alpine 3.14.0)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-22945 | libcurl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.8.7 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/observability
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.8.7 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/extauth
Gloo Enterprise gloo-fed image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.8.7 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed
Gloo Enterprise gloo-fed-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.8.7 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver
Gloo Enterprise gloo-fed-apiserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.7 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.8.7 (alpine 3.13.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.7 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook
Release 1.8.6
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.8.6 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/rate-limit
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.8.6 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.6 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22945 | libcurl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.8.6 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/observability
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.8.6 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/extauth
Gloo Enterprise gloo-fed image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.8.6 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed
Gloo Enterprise gloo-fed-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.8.6 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver
Gloo Enterprise gloo-fed-apiserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.6 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.8.6 (alpine 3.13.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.6 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook
Release 1.8.5
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.8.5 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/rate-limit
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.8.5 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.5 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22945 | libcurl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.8.5 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/observability
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.8.5 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/extauth
Gloo Enterprise gloo-fed image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.8.5 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed
Gloo Enterprise gloo-fed-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.8.5 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver
Gloo Enterprise gloo-fed-apiserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.5 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.8.5 (alpine 3.13.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.5 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook
Release 1.8.4
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.8.4 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/rate-limit
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.8.4 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.4 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22945 | libcurl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.8.4 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/observability
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.8.4 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/extauth
Gloo Enterprise gloo-fed image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.8.4 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed
Gloo Enterprise gloo-fed-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.8.4 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver
Gloo Enterprise gloo-fed-apiserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.4 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.8.4 (alpine 3.13.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.4 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook
Release 1.8.3
Gloo Enterprise rate-limit-ee image
No scan found
Gloo Enterprise gloo-ee image
No scan found
Gloo Enterprise gloo-ee-envoy-wrapper image
No scan found
Gloo Enterprise observability-ee image
No scan found
Gloo Enterprise extauth-ee image
No scan found
Gloo Enterprise gloo-fed image
No scan found
Gloo Enterprise gloo-fed-apiserver image
No scan found
Gloo Enterprise gloo-fed-apiserver-envoy image
No scan found
Gloo Enterprise gloo-federation-console image
No scan found
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No scan found
Release 1.8.2
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.8.2 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/rate-limit
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.8.2 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.2 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22945 | libcurl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.8.2 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/observability
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.8.2 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/extauth
Gloo Enterprise gloo-fed image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.8.2 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed
Gloo Enterprise gloo-fed-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.8.2 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver
Gloo Enterprise gloo-fed-apiserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.2 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.8.2 (alpine 3.13.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.2 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook
Release 1.8.1
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.8.1 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/rate-limit
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.8.1 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.1 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22945 | libcurl | HIGH | 7.77.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.8.1 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/observability
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.8.1 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/extauth
Gloo Enterprise gloo-fed image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.8.1 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed
Gloo Enterprise gloo-fed-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.8.1 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver
Gloo Enterprise gloo-fed-apiserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.1 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.8.1 (alpine 3.13.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.1 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook
Release 1.8.0
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.8.0 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/rate-limit
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.8.0 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.0 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22945 | libcurl | HIGH | 7.77.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.8.0 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/observability
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.8.0 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/extauth
Gloo Enterprise gloo-fed image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.8.0 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed
Gloo Enterprise gloo-fed-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.8.0 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver
Gloo Enterprise gloo-fed-apiserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.0 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.8.0 (alpine 3.13.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.0 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook
Latest 1.7.x Gloo Enterprise Release: 1.7.18
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.7.18 (alpine 3.13.5)
No Vulnerabilities Found for usr/local/bin/rate-limit
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.7.18 (alpine 3.14.0)
No Vulnerabilities Found for usr/local/bin/gloo
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.7.18 (alpine 3.14.0)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-22945 | libcurl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.7.18 (alpine 3.13.5)
No Vulnerabilities Found for usr/local/bin/observability
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.7.18 (alpine 3.13.5)
No Vulnerabilities Found for usr/local/bin/extauth
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.7.18 (alpine 3.13.5)
No Vulnerabilities Found for usr/local/bin/gloo-fed
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.7.18 (alpine 3.13.5)
No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.7.18 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.7.18 (alpine 3.13.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-22945 | curl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-22945 | libcurl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.7.18 (alpine 3.13.5)
No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook
Release 1.7.17
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.7.17 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/rate-limit
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.7.17 (alpine 3.14.0)
No Vulnerabilities Found for usr/local/bin/gloo
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.7.17 (alpine 3.14.0)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-22945 | libcurl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.7.17 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/observability
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.7.17 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/extauth
Gloo Enterprise gloo-fed image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.7.17 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed
Gloo Enterprise gloo-fed-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.7.17 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver
Gloo Enterprise gloo-fed-apiserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.7.17 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.7.17 (alpine 3.13.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.7.17 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook
Release 1.7.16
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.7.16 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/rate-limit
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.7.16 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.7.16 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22945 | libcurl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.7.16 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/observability
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.7.16 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/extauth
Gloo Enterprise gloo-fed image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.7.16 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed
Gloo Enterprise gloo-fed-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.7.16 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver
Gloo Enterprise gloo-fed-apiserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.7.16 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.7.16 (alpine 3.13.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.7.16 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook
Release 1.7.15
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.7.15 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/rate-limit
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.7.15 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.7.15 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22945 | libcurl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.7.15 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/observability
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.7.15 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/extauth
Gloo Enterprise gloo-fed image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.7.15 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed
Gloo Enterprise gloo-fed-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.7.15 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver
Gloo Enterprise gloo-fed-apiserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.7.15 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.7.15 (alpine 3.13.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.7.15 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook
Release 1.7.14
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.7.14 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/rate-limit
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.7.14 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.7.14 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22945 | libcurl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.7.14 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/observability
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.7.14 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/extauth
Gloo Enterprise gloo-fed image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.7.14 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed
Gloo Enterprise gloo-fed-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.7.14 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver
Gloo Enterprise gloo-fed-apiserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.7.14 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.7.14 (alpine 3.13.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.7.14 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook
Release 1.7.13
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.7.13 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/rate-limit
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.7.13 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.7.13 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22945 | libcurl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.7.13 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/observability
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.7.13 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/extauth
Gloo Enterprise gloo-fed image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.7.13 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed
Gloo Enterprise gloo-fed-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.7.13 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver
Gloo Enterprise gloo-fed-apiserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.7.13 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.7.13 (alpine 3.13.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.7.13 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook
Release 1.7.12
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.7.12 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/rate-limit
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.7.12 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.7.12 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22945 | libcurl | HIGH | 7.77.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.7.12 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/observability
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.7.12 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/extauth
Gloo Enterprise gloo-fed image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.7.12 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed
Gloo Enterprise gloo-fed-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.7.12 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver
Gloo Enterprise gloo-fed-apiserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.7.12 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.7.12 (alpine 3.13.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.7.12 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook
Release 1.7.11
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.7.11 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/rate-limit
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.7.11 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.7.11 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22945 | libcurl | HIGH | 7.77.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.7.11 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/observability
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.7.11 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/extauth
Gloo Enterprise gloo-fed image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.7.11 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed
Gloo Enterprise gloo-fed-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.7.11 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver
Gloo Enterprise gloo-fed-apiserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.7.11 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.7.11 (alpine 3.13.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.7.11 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook
Release 1.7.10
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.7.10 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/rate-limit
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.7.10 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.7.10 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22945 | libcurl | HIGH | 7.77.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.7.10 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/observability
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.7.10 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/extauth
Gloo Enterprise gloo-fed image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.7.10 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed
Gloo Enterprise gloo-fed-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.7.10 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver
Gloo Enterprise gloo-fed-apiserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.7.10 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.7.10 (alpine 3.13.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.7.10 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook
Release 1.7.9
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.7.9 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/rate-limit
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.7.9 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.7.9 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22945 | libcurl | HIGH | 7.77.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.7.9 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/observability
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.7.9 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/extauth
Gloo Enterprise gloo-fed image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.7.9 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed
Gloo Enterprise gloo-fed-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.7.9 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver
Gloo Enterprise gloo-fed-apiserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.7.9 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.7.9 (alpine 3.13.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.7.9 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook
Release 1.7.8
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.7.8 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/rate-limit
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.7.8 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.7.8 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22945 | libcurl | HIGH | 7.77.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.7.8 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/observability
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.7.8 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/extauth
Gloo Enterprise gloo-fed image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.7.8 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed
Gloo Enterprise gloo-fed-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.7.8 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver
Gloo Enterprise gloo-fed-apiserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.7.8 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.7.8 (alpine 3.13.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.7.8 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook
Release 1.7.7
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.7.7 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/rate-limit
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.7.7 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.7.7 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.76.1-r0 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.76.1-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.7.7 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/observability
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.7.7 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/extauth
Gloo Enterprise gloo-fed image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.7.7 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed
Gloo Enterprise gloo-fed-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.7.7 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver
Gloo Enterprise gloo-fed-apiserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.7.7 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.7.7 (alpine 3.13.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.7.7 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook
Release 1.7.6
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.7.6 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/rate-limit
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.7.6 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.7.6 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.76.1-r0 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.76.1-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.7.6 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/observability
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.7.6 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/extauth
Gloo Enterprise gloo-fed image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.7.6 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed
Gloo Enterprise gloo-fed-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.7.6 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver
Gloo Enterprise gloo-fed-apiserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.7.6 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.7.6 (alpine 3.13.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.7.6 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook
Release 1.7.5
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.7.5 (alpine 3.13.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/rate-limit
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.7.5 (alpine 3.13.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.7.5 (alpine 3.13.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.76.1-r0 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.76.1-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.7.5 (alpine 3.13.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/observability
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.7.5 (alpine 3.13.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/extauth
Gloo Enterprise gloo-fed image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.7.5 (alpine 3.13.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed
Gloo Enterprise gloo-fed-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.7.5 (alpine 3.13.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver
Gloo Enterprise gloo-fed-apiserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.7.5 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.7.5 (alpine 3.13.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.7.5 (alpine 3.13.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook
Release 1.7.4
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.7.4 (alpine 3.13.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/rate-limit
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.7.4 (alpine 3.13.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.7.4 (alpine 3.13.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.76.1-r0 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.76.1-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.7.4 (alpine 3.13.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/observability
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.7.4 (alpine 3.13.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/extauth
Gloo Enterprise gloo-fed image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.7.4 (alpine 3.13.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed
Gloo Enterprise gloo-fed-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.7.4 (alpine 3.13.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver
Gloo Enterprise gloo-fed-apiserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.7.4 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.7.4 (alpine 3.13.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.7.4 (alpine 3.13.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook
Release 1.7.3
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.7.3 (alpine 3.13.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/rate-limit
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.7.3 (alpine 3.13.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.7.3 (alpine 3.13.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.76.1-r0 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.76.1-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.7.3 (alpine 3.13.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/observability
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.7.3 (alpine 3.13.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/extauth
Gloo Enterprise gloo-fed image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.7.3 (alpine 3.13.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed
Gloo Enterprise gloo-fed-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.7.3 (alpine 3.13.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver
Gloo Enterprise gloo-fed-apiserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.7.3 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.7.3 (alpine 3.13.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.7.3 (alpine 3.13.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook
Release 1.7.2
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.7.2 (alpine 3.13.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/rate-limit
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.7.2 (alpine 3.13.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.7.2 (alpine 3.13.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.76.1-r0 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.76.1-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.7.2 (alpine 3.13.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/observability
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.7.2 (alpine 3.13.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/extauth
Gloo Enterprise gloo-fed image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.7.2 (alpine 3.13.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed
Gloo Enterprise gloo-fed-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.7.2 (alpine 3.13.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver
Gloo Enterprise gloo-fed-apiserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.7.2 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.7.2 (alpine 3.13.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.7.2 (alpine 3.13.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook
Release 1.7.1
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.7.1 (alpine 3.13.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/rate-limit
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.7.1 (alpine 3.13.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.7.1 (alpine 3.13.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.7.1 (alpine 3.13.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/observability
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.7.1 (alpine 3.13.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/extauth
Gloo Enterprise gloo-fed image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.7.1 (alpine 3.13.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed
Gloo Enterprise gloo-fed-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.7.1 (alpine 3.13.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver
Gloo Enterprise gloo-fed-apiserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.7.1 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.7.1 (alpine 3.13.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.7.1 (alpine 3.13.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook
Release 1.7.0
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.7.0 (alpine 3.13.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
No Vulnerabilities Found for usr/local/bin/rate-limit
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.7.0 (alpine 3.13.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.7.0 (alpine 3.13.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.7.0 (alpine 3.13.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
No Vulnerabilities Found for usr/local/bin/observability
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.7.0 (alpine 3.13.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
No Vulnerabilities Found for usr/local/bin/extauth
Gloo Enterprise gloo-fed image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.7.0 (alpine 3.13.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
No Vulnerabilities Found for usr/local/bin/gloo-fed
Gloo Enterprise gloo-fed-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.7.0 (alpine 3.13.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver
Gloo Enterprise gloo-fed-apiserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.7.0 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.43 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.7 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.7.0 (alpine 3.13.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.7.0 (alpine 3.13.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook
Latest 1.6.x Gloo Enterprise Release: 1.6.36
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.36 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/rate-limit
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.6.36 (alpine 3.14.0)
No Vulnerabilities Found for usr/local/bin/gloo
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.36 (alpine 3.14.0)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-22945 | libcurl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.36 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/observability
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.36 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/extauth
Gloo Enterprise grpcserver-ui image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.36 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2020-8231 | curl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | curl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2020-8231 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | libcurl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.5-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise grpcserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.36 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-1971 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2020-1971 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise grpcserver-ee image
No Vulnerabilities Found for quay.io/solo-io/grpcserver-ee:1.6.36 (alpine 3.13.5)
No Vulnerabilities Found for usr/local/bin/grpcserver
Release 1.6.35
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.35 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/rate-limit
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.6.35 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.35 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22945 | libcurl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.35 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/observability
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.35 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/extauth
Gloo Enterprise grpcserver-ui image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.35 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2020-8231 | curl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | curl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2020-8231 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | libcurl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.5-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise grpcserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.35 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-1971 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2020-1971 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise grpcserver-ee image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-ee:1.6.35 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/grpcserver
Release 1.6.34
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.34 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/rate-limit
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.6.34 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.34 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22945 | libcurl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.34 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/observability
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.34 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/extauth
Gloo Enterprise grpcserver-ui image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.34 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2020-8231 | curl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | curl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2020-8231 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | libcurl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.5-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise grpcserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.34 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-1971 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2020-1971 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise grpcserver-ee image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-ee:1.6.34 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/grpcserver
Release 1.6.33
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.33 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/rate-limit
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.6.33 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.33 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22945 | libcurl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.33 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/observability
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.33 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/extauth
Gloo Enterprise grpcserver-ui image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.33 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2020-8231 | curl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | curl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2020-8231 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | libcurl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.5-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise grpcserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.33 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-1971 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2020-1971 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise grpcserver-ee image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-ee:1.6.33 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/grpcserver
Release 1.6.32
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.32 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/rate-limit
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.6.32 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/gloo
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.32 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22945 | libcurl | HIGH | 7.77.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.32 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/observability
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.32 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/extauth
Gloo Enterprise grpcserver-ui image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.32 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2020-8231 | curl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | curl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2020-8231 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | libcurl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.5-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise grpcserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.32 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-1971 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2020-1971 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise grpcserver-ee image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-ee:1.6.32 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/grpcserver
Release 1.6.31
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.31 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
Vulnerabilities Listed for usr/local/bin/rate-limit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.6.31 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.31 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22945 | libcurl | HIGH | 7.77.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.31 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
Vulnerabilities Listed for usr/local/bin/observability
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.31 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
Vulnerabilities Listed for usr/local/bin/extauth
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise grpcserver-ui image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.31 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2020-8231 | curl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | curl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2020-8231 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | libcurl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.5-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise grpcserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.31 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-1971 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2020-1971 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise grpcserver-ee image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-ee:1.6.31 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
Vulnerabilities Listed for usr/local/bin/grpcserver
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Release 1.6.30
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.30 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
Vulnerabilities Listed for usr/local/bin/rate-limit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.6.30 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.30 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22945 | libcurl | HIGH | 7.77.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.30 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
Vulnerabilities Listed for usr/local/bin/observability
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.30 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
Vulnerabilities Listed for usr/local/bin/extauth
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise grpcserver-ui image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.30 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2020-8231 | curl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | curl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2020-8231 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | libcurl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.5-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise grpcserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.30 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-1971 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2020-1971 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise grpcserver-ee image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-ee:1.6.30 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
Vulnerabilities Listed for usr/local/bin/grpcserver
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Release 1.6.29
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.29 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
Vulnerabilities Listed for usr/local/bin/rate-limit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.6.29 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.29 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.76.1-r0 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.76.1-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.29 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
Vulnerabilities Listed for usr/local/bin/observability
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.29 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
Vulnerabilities Listed for usr/local/bin/extauth
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise grpcserver-ui image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.29 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2020-8231 | curl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | curl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2020-8231 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | libcurl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.5-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise grpcserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.29 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-1971 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2020-1971 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise grpcserver-ee image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-ee:1.6.29 (alpine 3.13.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
Vulnerabilities Listed for usr/local/bin/grpcserver
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Release 1.6.28
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.28 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/rate-limit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.6.28 (alpine 3.13.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.28 (alpine 3.13.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.76.1-r0 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.76.1-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.28 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/observability
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.28 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/extauth
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise grpcserver-ui image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.28 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2020-8231 | curl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | curl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2020-8231 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | libcurl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.5-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise grpcserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.28 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-1971 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2020-1971 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise grpcserver-ee image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-ee:1.6.28 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.6-r0 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
Vulnerabilities Listed for usr/local/bin/grpcserver
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Release 1.6.27
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.27 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/rate-limit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.6.27 (alpine 3.13.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.27 (alpine 3.13.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.76.1-r0 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.76.1-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.27 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/observability
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.27 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/extauth
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise grpcserver-ui image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.27 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2020-8231 | curl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | curl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2020-8231 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | libcurl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.5-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise grpcserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.27 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-1971 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2020-1971 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise grpcserver-ee image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-ee:1.6.27 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.6-r0 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
Vulnerabilities Listed for usr/local/bin/grpcserver
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Release 1.6.26
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.26 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/rate-limit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.6.26 (alpine 3.13.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.26 (alpine 3.13.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.76.1-r0 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.76.1-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.26 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/observability
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.26 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/extauth
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise grpcserver-ui image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.26 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2020-8231 | curl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | curl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2020-8231 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | libcurl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.5-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise grpcserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.26 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-1971 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2020-1971 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise grpcserver-ee image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-ee:1.6.26 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.6-r0 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
Vulnerabilities Listed for usr/local/bin/grpcserver
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Release 1.6.25
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.25 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/rate-limit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.6.25 (alpine 3.12.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r3 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r3 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.25 (alpine 3.12.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r3 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r3 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.69.1-r3 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.69.1-r3 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.25 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/observability
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.25 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/extauth
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise grpcserver-ui image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.25 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2020-8231 | curl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | curl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2020-8231 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | libcurl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.5-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise grpcserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.25 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-1971 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2020-1971 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise grpcserver-ee image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-ee:1.6.25 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r3 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r3 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
Vulnerabilities Listed for usr/local/bin/grpcserver
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Release 1.6.24
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.24 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/rate-limit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.6.24 (alpine 3.12.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r3 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r3 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.24 (alpine 3.12.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r3 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r3 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.69.1-r3 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.69.1-r3 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.24 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/observability
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.24 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/extauth
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise grpcserver-ui image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.24 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2020-8231 | curl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | curl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2020-8231 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | libcurl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.5-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise grpcserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.24 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-1971 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2020-1971 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise grpcserver-ee image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-ee:1.6.24 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r3 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r3 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
Vulnerabilities Listed for usr/local/bin/grpcserver
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Release 1.6.23
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.23 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/rate-limit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.6.23 (alpine 3.12.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.23 (alpine 3.12.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.69.1-r3 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.69.1-r3 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.23 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/observability
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.23 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/extauth
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise grpcserver-ui image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.23 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2020-8231 | curl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | curl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2020-8231 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | libcurl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.5-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise grpcserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.23 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-1971 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2020-1971 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise grpcserver-ee image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-ee:1.6.23 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
Vulnerabilities Listed for usr/local/bin/grpcserver
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Release 1.6.22
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.22 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/rate-limit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.6.22 (alpine 3.12.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.22 (alpine 3.12.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.69.1-r3 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.69.1-r3 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.22 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/observability
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.22 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/extauth
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise grpcserver-ui image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.22 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2020-8231 | curl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | curl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2020-8231 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | libcurl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.5-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise grpcserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.22 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-1971 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2020-1971 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise grpcserver-ee image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-ee:1.6.22 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/grpcserver
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Release 1.6.21
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.21 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/rate-limit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.6.21 (alpine 3.12.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.21 (alpine 3.12.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.69.1-r3 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.69.1-r3 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.21 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/observability
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.21 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/extauth
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise grpcserver-ui image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.21 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2020-8231 | curl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | curl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2020-8231 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | libcurl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.5-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise grpcserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.21 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-1971 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2020-1971 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise grpcserver-ee image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-ee:1.6.21 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/grpcserver
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Release 1.6.20
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.20 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/rate-limit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.6.20 (alpine 3.12.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.20 (alpine 3.12.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.69.1-r3 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.69.1-r3 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.20 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/observability
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.20 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/extauth
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise grpcserver-ui image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.20 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2020-8231 | curl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | curl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2020-8231 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | libcurl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.5-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise grpcserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.20 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-1971 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2020-1971 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise grpcserver-ee image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-ee:1.6.20 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/grpcserver
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Release 1.6.19
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.19 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/rate-limit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.6.19 (alpine 3.12.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.19 (alpine 3.12.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.69.1-r3 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.69.1-r3 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.19 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/observability
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.19 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/extauth
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise grpcserver-ui image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.19 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2020-8231 | curl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | curl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2020-8231 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | libcurl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.5-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise grpcserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.19 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-1971 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2020-1971 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise grpcserver-ee image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-ee:1.6.19 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/grpcserver
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Release 1.6.18
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.18 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/rate-limit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.6.18 (alpine 3.12.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.18 (alpine 3.12.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-21300 | git | HIGH | 2.26.2-r0 | 2.26.3-r0 | https://avd.aquasec.com/nvd/cve-2021-21300 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.69.1-r3 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.69.1-r3 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.18 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/observability
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.18 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/extauth
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise grpcserver-ui image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.18 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2020-8231 | curl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | curl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2020-8231 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | libcurl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.5-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise grpcserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.18 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-1971 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2020-1971 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise grpcserver-ee image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-ee:1.6.18 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/grpcserver
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Release 1.6.17
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.17 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/rate-limit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.6.17 (alpine 3.12.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.17 (alpine 3.12.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-21300 | git | HIGH | 2.26.2-r0 | 2.26.3-r0 | https://avd.aquasec.com/nvd/cve-2021-21300 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.69.1-r3 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.69.1-r3 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.17 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/observability
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.17 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/extauth
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Gloo Enterprise grpcserver-ui image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.17 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2020-8231 | curl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | curl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | curl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | curl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2020-8231 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r2 | https://avd.aquasec.com/nvd/cve-2020-8231 |
| CVE-2020-8285 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8285 |
| CVE-2020-8286 | libcurl | HIGH | 7.69.1-r1 | 7.69.1-r3 | https://avd.aquasec.com/nvd/cve-2020-8286 |
| CVE-2021-22901 | libcurl | HIGH | 7.69.1-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22945 | libcurl | HIGH | 7.69.1-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.5-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r5 | 2.9.10-r6 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Gloo Enterprise grpcserver-envoy image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.17 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-1971 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.42 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2020-1971 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
Gloo Enterprise grpcserver-ee image
Vulnerabilities Listed for quay.io/solo-io/grpcserver-ee:1.6.17 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1j-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/grpcserver
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-29652 | golang.org/x/crypto | HIGH | v0.0.0-20201016220609-9e8e0b390897 | v0.0.0-20201216223049-8b5274cf687f | https://avd.aquasec.com/nvd/cve-2020-29652 |
Release 1.6.16
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.16 (alpine 3.12.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.10.5-r1 | 2.10.6-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-28831 | busybox | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-23840 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1j-r0 | https://avd.aquasec.com/nvd/cve-2021-23840 |
| CVE-2021-3450 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1k-r0 | https://avd.aquasec.com/nvd/cve-2021-3450 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1g-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-28831 | ssl_client | HIGH | 1.31.1-r19 | 1.31.1-r20 | https://avd.aquasec.com/nvd/cve-2021-28831 |
Vulnerabilities Listed for usr/local/bin/rate-limit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version |
|---|