Gloo Edge Enterprise

Gloo container images are scanned using Trivy for HIGH and CRITICAL vulnerabilities.

Latest 1.8.x Gloo Enterprise Release: 1.8.12

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.8.12 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.8.12 (alpine 3.14.0)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.12 (alpine 3.14.0)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.8.12 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.8.12 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.8.12 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.8.12 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.12 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.8.12 (alpine 3.13.3)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.12 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.8.11

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.8.11 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.8.11 (alpine 3.14.0)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.11 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-22945 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.8.11 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.8.11 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.8.11 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.8.11 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.11 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.8.11 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-22945 curl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22945 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.11 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.8.10

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.8.10 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.8.10 (alpine 3.14.0)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.10 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-22945 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.8.10 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.8.10 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.8.10 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.8.10 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.10 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.8.10 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-22945 curl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22945 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.10 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.8.9

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.8.9 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.8.9 (alpine 3.14.0)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.9 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-22945 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.8.9 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.8.9 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.8.9 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.8.9 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.9 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.8.9 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-22945 curl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22945 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.9 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.8.8

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.8.8 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.8.8 (alpine 3.14.0)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.8 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-22945 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.8.8 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.8.8 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.8.8 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.8.8 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.8 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.8.8 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-22945 curl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22945 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.8 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.8.7

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.8.7 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.8.7 (alpine 3.14.0)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.7 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-22945 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.8.7 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.8.7 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.8.7 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.8.7 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.7 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.8.7 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.7 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.8.6

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.8.6 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.8.6 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.6 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.8.6 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.8.6 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.8.6 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.8.6 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.6 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.8.6 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.6 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.8.5

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.8.5 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.8.5 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.5 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.8.5 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.8.5 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.8.5 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.8.5 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.5 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.8.5 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.5 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.8.4

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.8.4 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.8.4 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.4 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.8.4 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.8.4 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.8.4 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.8.4 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.4 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.8.4 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.4 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.8.3

Gloo Enterprise rate-limit-ee image

No scan found

Gloo Enterprise gloo-ee image

No scan found

Gloo Enterprise gloo-ee-envoy-wrapper image

No scan found

Gloo Enterprise observability-ee image

No scan found

Gloo Enterprise extauth-ee image

No scan found

Gloo Enterprise gloo-fed image

No scan found

Gloo Enterprise gloo-fed-apiserver image

No scan found

Gloo Enterprise gloo-fed-apiserver-envoy image

No scan found

Gloo Enterprise gloo-federation-console image

No scan found

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No scan found

Release 1.8.2

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.8.2 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.8.2 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.2 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.8.2 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.8.2 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.8.2 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.8.2 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.2 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.8.2 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.2 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.8.1

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.8.1 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.8.1 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.1 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl HIGH 7.77.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.8.1 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.8.1 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.8.1 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.8.1 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.1 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.8.1 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.1 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.8.0

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.8.0 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.8.0 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.0 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl HIGH 7.77.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.8.0 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.8.0 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.8.0 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.8.0 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.0 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.8.0 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.0 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Latest 1.7.x Gloo Enterprise Release: 1.7.18

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.7.18 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.7.18 (alpine 3.14.0)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.7.18 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-22945 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.7.18 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.7.18 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.7.18 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.7.18 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.7.18 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.7.18 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-22945 curl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22945 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.7.18 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.7.17

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.7.17 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.7.17 (alpine 3.14.0)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.7.17 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-22945 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.7.17 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.7.17 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.7.17 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.7.17 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.7.17 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.7.17 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.7.17 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.7.16

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.7.16 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.7.16 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.7.16 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.7.16 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.7.16 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.7.16 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.7.16 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.7.16 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.7.16 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.7.16 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.7.15

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.7.15 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.7.15 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.7.15 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.7.15 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.7.15 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.7.15 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.7.15 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.7.15 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.7.15 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.7.15 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.7.14

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.7.14 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.7.14 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.7.14 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.7.14 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.7.14 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.7.14 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.7.14 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.7.14 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.7.14 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.7.14 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.7.13

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.7.13 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.7.13 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.7.13 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.7.13 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.7.13 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.7.13 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.7.13 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.7.13 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.7.13 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.7.13 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.7.12

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.7.12 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.7.12 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.7.12 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl HIGH 7.77.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.7.12 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.7.12 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.7.12 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.7.12 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.7.12 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.7.12 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.7.12 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.7.11

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.7.11 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.7.11 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.7.11 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl HIGH 7.77.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.7.11 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.7.11 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.7.11 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.7.11 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.7.11 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.7.11 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.7.11 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.7.10

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.7.10 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.7.10 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.7.10 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl HIGH 7.77.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.7.10 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.7.10 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.7.10 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.7.10 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.7.10 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.7.10 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.7.10 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.7.9

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.7.9 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.7.9 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.7.9 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl HIGH 7.77.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.7.9 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.7.9 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.7.9 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.7.9 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.7.9 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.7.9 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.7.9 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.7.8

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.7.8 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.7.8 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.7.8 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl HIGH 7.77.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.7.8 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.7.8 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.7.8 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.7.8 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.7.8 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.7.8 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.7.8 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.7.7

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.7.7 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.7.7 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.7.7 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.76.1-r0 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.76.1-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.7.7 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.7.7 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.7.7 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.7.7 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.7.7 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.7.7 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.7.7 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.7.6

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.7.6 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.7.6 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.7.6 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.76.1-r0 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.76.1-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.7.6 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.7.6 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.7.6 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.7.6 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.7.6 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.7.6 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.7.6 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.7.5

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.7.5 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.7.5 (alpine 3.13.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.7.5 (alpine 3.13.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.76.1-r0 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.76.1-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.7.5 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.7.5 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.7.5 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.7.5 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.7.5 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.7.5 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.7.5 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.7.4

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.7.4 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.7.4 (alpine 3.13.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.7.4 (alpine 3.13.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.76.1-r0 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.76.1-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.7.4 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.7.4 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.7.4 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.7.4 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.7.4 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.7.4 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.7.4 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.7.3

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.7.3 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.7.3 (alpine 3.13.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.7.3 (alpine 3.13.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.76.1-r0 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.76.1-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.7.3 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.7.3 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.7.3 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.7.3 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.7.3 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.7.3 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.7.3 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.7.2

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.7.2 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.7.2 (alpine 3.13.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.7.2 (alpine 3.13.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.76.1-r0 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.76.1-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.7.2 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.7.2 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.7.2 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.7.2 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.7.2 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.7.2 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.7.2 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.7.1

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.7.1 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.7.1 (alpine 3.13.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.7.1 (alpine 3.13.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.7.1 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.7.1 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.7.1 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.7.1 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.7.1 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.7.1 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.7.1 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.7.0

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.7.0 (alpine 3.13.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libssl1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.7.0 (alpine 3.13.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.7.0 (alpine 3.13.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.7.0 (alpine 3.13.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libssl1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.7.0 (alpine 3.13.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libssl1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.7.0 (alpine 3.13.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libssl1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.7.0 (alpine 3.13.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libssl1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.7.0 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.7.0 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.7.0 (alpine 3.13.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libssl1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Latest 1.6.x Gloo Enterprise Release: 1.6.36

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.36 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.6.36 (alpine 3.14.0)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.36 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-22945 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.36 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.36 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise grpcserver-ui image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.36 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2020-8231 curl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 curl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2020-8231 libcurl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 libcurl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.5-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise grpcserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.36 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-1971 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2020-1971 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise grpcserver-ee image

No Vulnerabilities Found for quay.io/solo-io/grpcserver-ee:1.6.36 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/grpcserver

Release 1.6.35

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.35 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.6.35 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.35 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.35 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.35 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise grpcserver-ui image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.35 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2020-8231 curl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 curl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2020-8231 libcurl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 libcurl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.5-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise grpcserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.35 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-1971 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2020-1971 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise grpcserver-ee image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-ee:1.6.35 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/grpcserver

Release 1.6.34

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.34 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.6.34 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.34 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.34 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.34 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise grpcserver-ui image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.34 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2020-8231 curl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 curl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2020-8231 libcurl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 libcurl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.5-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise grpcserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.34 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-1971 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2020-1971 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise grpcserver-ee image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-ee:1.6.34 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/grpcserver

Release 1.6.33

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.33 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.6.33 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.33 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.33 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.33 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise grpcserver-ui image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.33 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2020-8231 curl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 curl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2020-8231 libcurl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 libcurl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.5-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise grpcserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.33 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-1971 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2020-1971 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise grpcserver-ee image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-ee:1.6.33 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/grpcserver

Release 1.6.32

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.32 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.6.32 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.32 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl HIGH 7.77.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.32 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.32 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise grpcserver-ui image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.32 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2020-8231 curl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 curl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2020-8231 libcurl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 libcurl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.5-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise grpcserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.32 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-1971 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2020-1971 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise grpcserver-ee image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-ee:1.6.32 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/grpcserver

Release 1.6.31

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.31 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.6.31 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.31 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl HIGH 7.77.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.31 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.31 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise grpcserver-ui image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.31 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2020-8231 curl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 curl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2020-8231 libcurl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 libcurl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.5-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise grpcserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.31 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-1971 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2020-1971 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise grpcserver-ee image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-ee:1.6.31 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

Vulnerabilities Listed for usr/local/bin/grpcserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652
Release 1.6.30

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.30 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.6.30 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.30 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl HIGH 7.77.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.30 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.30 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise grpcserver-ui image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.30 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2020-8231 curl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 curl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2020-8231 libcurl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 libcurl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.5-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise grpcserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.30 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-1971 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2020-1971 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise grpcserver-ee image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-ee:1.6.30 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

Vulnerabilities Listed for usr/local/bin/grpcserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652
Release 1.6.29

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.29 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.6.29 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.29 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.76.1-r0 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.76.1-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.29 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.29 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise grpcserver-ui image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.29 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2020-8231 curl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 curl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2020-8231 libcurl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 libcurl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.5-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise grpcserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.29 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-1971 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2020-1971 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise grpcserver-ee image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-ee:1.6.29 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

Vulnerabilities Listed for usr/local/bin/grpcserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652
Release 1.6.28

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.28 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.6.28 (alpine 3.13.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.28 (alpine 3.13.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.76.1-r0 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.76.1-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.28 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.28 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise grpcserver-ui image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.28 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2020-8231 curl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 curl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2020-8231 libcurl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 libcurl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.5-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise grpcserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.28 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-1971 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2020-1971 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise grpcserver-ee image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-ee:1.6.28 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.6-r0 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

Vulnerabilities Listed for usr/local/bin/grpcserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652
Release 1.6.27

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.27 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.6.27 (alpine 3.13.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.27 (alpine 3.13.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.76.1-r0 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.76.1-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.27 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.27 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise grpcserver-ui image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.27 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2020-8231 curl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 curl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2020-8231 libcurl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 libcurl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.5-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise grpcserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.27 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-1971 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2020-1971 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise grpcserver-ee image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-ee:1.6.27 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.6-r0 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

Vulnerabilities Listed for usr/local/bin/grpcserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652
Release 1.6.26

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.26 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.6.26 (alpine 3.13.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.26 (alpine 3.13.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.76.1-r0 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.76.1-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.26 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.26 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise grpcserver-ui image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.26 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2020-8231 curl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 curl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2020-8231 libcurl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 libcurl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.5-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise grpcserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.26 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-1971 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2020-1971 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise grpcserver-ee image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-ee:1.6.26 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.6-r0 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

Vulnerabilities Listed for usr/local/bin/grpcserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652
Release 1.6.25

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.25 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.6.25 (alpine 3.12.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r3 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r3 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.25 (alpine 3.12.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r3 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r3 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.69.1-r3 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.69.1-r3 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.25 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.25 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise grpcserver-ui image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.25 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2020-8231 curl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 curl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2020-8231 libcurl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 libcurl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.5-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise grpcserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.25 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-1971 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2020-1971 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise grpcserver-ee image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-ee:1.6.25 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r3 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r3 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

Vulnerabilities Listed for usr/local/bin/grpcserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652
Release 1.6.24

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.24 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.6.24 (alpine 3.12.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r3 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r3 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.24 (alpine 3.12.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r3 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r3 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.69.1-r3 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.69.1-r3 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.24 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.24 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise grpcserver-ui image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.24 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2020-8231 curl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 curl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2020-8231 libcurl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 libcurl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.5-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise grpcserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.24 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-1971 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2020-1971 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise grpcserver-ee image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-ee:1.6.24 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r3 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r3 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

Vulnerabilities Listed for usr/local/bin/grpcserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652
Release 1.6.23

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.23 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.6.23 (alpine 3.12.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.23 (alpine 3.12.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.69.1-r3 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.69.1-r3 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.23 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.23 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise grpcserver-ui image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.23 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2020-8231 curl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 curl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2020-8231 libcurl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 libcurl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.5-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise grpcserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.23 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-1971 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2020-1971 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise grpcserver-ee image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-ee:1.6.23 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712

Vulnerabilities Listed for usr/local/bin/grpcserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652
Release 1.6.22

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.22 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.6.22 (alpine 3.12.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libssl1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.22 (alpine 3.12.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.69.1-r3 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.69.1-r3 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libssl1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.22 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.22 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise grpcserver-ui image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.22 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2020-8231 curl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 curl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2020-8231 libcurl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 libcurl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.5-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise grpcserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.22 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-1971 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2020-1971 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise grpcserver-ee image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-ee:1.6.22 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libssl1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/grpcserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652
Release 1.6.21

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.21 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.6.21 (alpine 3.12.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libssl1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.21 (alpine 3.12.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.69.1-r3 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.69.1-r3 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libssl1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.21 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.21 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise grpcserver-ui image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.21 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2020-8231 curl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 curl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2020-8231 libcurl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 libcurl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.5-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise grpcserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.21 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-1971 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2020-1971 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise grpcserver-ee image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-ee:1.6.21 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libssl1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/grpcserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652
Release 1.6.20

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.20 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.6.20 (alpine 3.12.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libssl1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.20 (alpine 3.12.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.69.1-r3 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.69.1-r3 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libssl1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.20 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.20 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise grpcserver-ui image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.20 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2020-8231 curl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 curl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2020-8231 libcurl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 libcurl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.5-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise grpcserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.20 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-1971 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2020-1971 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise grpcserver-ee image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-ee:1.6.20 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libssl1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/grpcserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652
Release 1.6.19

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.19 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.6.19 (alpine 3.12.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libssl1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.19 (alpine 3.12.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.69.1-r3 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.69.1-r3 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libssl1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.19 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.19 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise grpcserver-ui image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.19 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2020-8231 curl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 curl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2020-8231 libcurl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 libcurl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.5-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise grpcserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.19 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-1971 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2020-1971 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise grpcserver-ee image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-ee:1.6.19 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libssl1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/grpcserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652
Release 1.6.18

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.18 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.6.18 (alpine 3.12.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libssl1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.18 (alpine 3.12.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-21300 git HIGH 2.26.2-r0 2.26.3-r0 https://avd.aquasec.com/nvd/cve-2021-21300
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.69.1-r3 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.69.1-r3 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libssl1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.18 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.18 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise grpcserver-ui image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.18 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2020-8231 curl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 curl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2020-8231 libcurl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 libcurl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.5-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise grpcserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.18 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-1971 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2020-1971 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise grpcserver-ee image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-ee:1.6.18 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libssl1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/grpcserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652
Release 1.6.17

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.17 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.6.17 (alpine 3.12.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libssl1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.6.17 (alpine 3.12.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-21300 git HIGH 2.26.2-r0 2.26.3-r0 https://avd.aquasec.com/nvd/cve-2021-21300
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22901 libcurl HIGH 7.69.1-r3 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.69.1-r3 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libssl1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.6.17 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.6.17 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652

Gloo Enterprise grpcserver-ui image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-ui:1.6.17 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2020-8231 curl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 curl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 curl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 curl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2020-8231 libcurl HIGH 7.69.1-r1 7.69.1-r2 https://avd.aquasec.com/nvd/cve-2020-8231
CVE-2020-8285 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8285
CVE-2020-8286 libcurl HIGH 7.69.1-r1 7.69.1-r3 https://avd.aquasec.com/nvd/cve-2020-8286
CVE-2021-22901 libcurl HIGH 7.69.1-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22945 libcurl HIGH 7.69.1-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-33560 libgcrypt HIGH 1.8.5-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r5 2.9.10-r6 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Gloo Enterprise grpcserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-envoy:1.6.17 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-1971 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.42 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2020-1971 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise grpcserver-ee image

Vulnerabilities Listed for quay.io/solo-io/grpcserver-ee:1.6.17 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3450 libssl1.1 HIGH 1.1.1j-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1j-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/grpcserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-29652 golang.org/x/crypto HIGH v0.0.0-20201016220609-9e8e0b390897 v0.0.0-20201216223049-8b5274cf687f https://avd.aquasec.com/nvd/cve-2020-29652
Release 1.6.16

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.6.16 (alpine 3.12.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.5-r1 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.10.5-r1 2.10.6-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-23840 libssl1.1 HIGH 1.1.1g-r0 1.1.1j-r0 https://avd.aquasec.com/nvd/cve-2021-23840
CVE-2021-3450 libssl1.1 HIGH 1.1.1g-r0 1.1.1k-r0 https://avd.aquasec.com/nvd/cve-2021-3450
CVE-2021-3712 libssl1.1 HIGH 1.1.1g-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-28831 ssl_client HIGH 1.31.1-r19 1.31.1-r20 https://avd.aquasec.com/nvd/cve-2021-28831

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version