Gloo Edge Enterprise

Gloo container images are scanned using Trivy for HIGH and CRITICAL vulnerabilities.

Latest 1.13.x Gloo Enterprise Release: 1.13.4

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.13.4 (alpine 3.15.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.13.4 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.13.4 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23521 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.13.4 (alpine 3.15.6)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.13.4 (alpine 3.15.6)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.13.4 (alpine 3.15.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.13.4 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.13.4 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.13.4 (alpine 3.16.1)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.13.4 (alpine 3.15.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.13.3

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.13.3 (alpine 3.15.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.13.3 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.13.3 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23521 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.13.3 (alpine 3.15.6)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.13.3 (alpine 3.15.6)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.13.3 (alpine 3.15.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.13.3 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.13.3 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.13.3 (alpine 3.16.1)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.13.3 (alpine 3.15.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.13.2

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.13.2 (alpine 3.15.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.13.2 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.13.2 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23521 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.13.2 (alpine 3.15.6)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.13.2 (alpine 3.15.6)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.13.2 (alpine 3.15.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.13.2 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.13.2 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.13.2 (alpine 3.16.1)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.13.2 (alpine 3.15.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.13.1

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.13.1 (alpine 3.15.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.13.1 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.13.1 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23521 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.13.1 (alpine 3.15.6)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.13.1 (alpine 3.15.6)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.13.1 (alpine 3.15.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.13.1 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.13.1 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.13.1 (alpine 3.16.1)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.13.1 (alpine 3.15.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.13.0

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.13.0 (alpine 3.15.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.13.0 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.13.0 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23521 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-43551 libcurl HIGH 7.80.0-r4 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.13.0 (alpine 3.15.6)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.13.0 (alpine 3.15.6)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.13.0 (alpine 3.15.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.13.0 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.13.0 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.13.0 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-43551 curl HIGH 7.83.1-r4 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-43551 libcurl HIGH 7.83.1-r4 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.13.0 (alpine 3.15.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Latest 1.12.x Gloo Enterprise Release: 1.12.45

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.45 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.45 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.45 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23521 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.45 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.45 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.45 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.45 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.45 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.12.45 (alpine 3.16.1)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.45 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
Release 1.12.44

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.44 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.44 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.44 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23521 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.44 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.44 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.44 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.44 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.44 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.12.44 (alpine 3.16.1)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.44 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
Release 1.12.43

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.43 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.43 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.43 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23521 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.43 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.43 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.43 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.43 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.43 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.12.43 (alpine 3.16.1)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.43 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
Release 1.12.42

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.42 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.42 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.42 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23521 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.42 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.42 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.42 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.42 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.42 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.12.42 (alpine 3.16.1)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.42 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
Release 1.12.41

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.41 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.41 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.41 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23521 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.41 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.41 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.41 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.41 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.41 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.12.41 (alpine 3.16.1)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.41 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
Release 1.12.40

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.40 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.40 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.40 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23521 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-43551 libcurl HIGH 7.80.0-r4 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.40 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.40 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.40 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.40 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.40 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.40 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-43551 curl HIGH 7.83.1-r4 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-43551 libcurl HIGH 7.83.1-r4 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.40 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
Release 1.12.39

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.39 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.39 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.39 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23521 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-43551 libcurl HIGH 7.80.0-r4 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.39 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.39 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.39 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.39 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.39 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.39 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-43551 curl HIGH 7.83.1-r4 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-43551 libcurl HIGH 7.83.1-r4 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.39 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
Release 1.12.38

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.38 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.38 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.38 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23521 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-43551 libcurl HIGH 7.80.0-r4 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.38 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.38 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.38 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.38 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.38 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.38 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-43551 curl HIGH 7.83.1-r4 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-43551 libcurl HIGH 7.83.1-r4 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.38 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
Release 1.12.37

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.37 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.37 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.37 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23521 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-43551 libcurl HIGH 7.80.0-r4 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.37 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.37 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.37 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.37 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.37 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.37 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-43551 curl HIGH 7.83.1-r4 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-43551 libcurl HIGH 7.83.1-r4 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.37 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
Release 1.12.36

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.36 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.36 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.36 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23521 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-43551 libcurl HIGH 7.80.0-r4 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.36 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.36 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.36 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.36 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.36 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.36 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-43551 curl HIGH 7.83.1-r4 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-43551 libcurl HIGH 7.83.1-r4 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.36 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
Release 1.12.35

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.35 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.35 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.35 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23521 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-43551 libcurl HIGH 7.80.0-r4 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.35 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.35 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.35 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.35 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.35 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.35 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-43551 curl HIGH 7.83.1-r4 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-43551 libcurl HIGH 7.83.1-r4 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.35 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220909164309-bea034e7d591 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
Release 1.12.34

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.34 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.34 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.34 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23521 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-43551 libcurl HIGH 7.80.0-r4 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.34 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.34 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.34 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.34 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.34 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.34 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-43551 curl HIGH 7.83.1-r4 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-43551 libcurl HIGH 7.83.1-r4 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.34 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
Release 1.12.33

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.33 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.33 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.33 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23521 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-43551 libcurl HIGH 7.80.0-r4 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.33 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.33 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.33 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.33 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.33 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.33 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-43551 curl HIGH 7.83.1-r4 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-43551 libcurl HIGH 7.83.1-r4 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.33 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
Release 1.12.32

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.32 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.32 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.32 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23521 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-43551 libcurl HIGH 7.80.0-r4 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.32 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.32 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.32 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.32 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.32 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.32 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-43551 curl HIGH 7.83.1-r4 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-43551 libcurl HIGH 7.83.1-r4 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.32 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.12.31

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.31 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.31 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.31 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-43680 expat HIGH 2.4.9-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r3 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.31 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.31 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.31 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.31 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.31 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.31 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.31 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.12.30

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.30 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.30 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.30 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-43680 expat HIGH 2.4.9-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r3 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.30 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.30 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.30 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.30 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.30 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.30 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.30 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.12.29

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.29 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.29 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.29 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-43680 expat HIGH 2.4.9-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r3 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.29 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.29 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.29 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.29 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.29 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.29 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-40303 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.29 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.12.28

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.28 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.28 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.28 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-43680 expat HIGH 2.4.9-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r3 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.28 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.28 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.28 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.28 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.28 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.28 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-40303 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.28 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.12.27

Gloo Enterprise rate-limit-ee image

No scan found

Gloo Enterprise gloo-ee image

No scan found

Gloo Enterprise gloo-ee-envoy-wrapper image

No scan found

Gloo Enterprise observability-ee image

No scan found

Gloo Enterprise extauth-ee image

No scan found

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No scan found

Gloo Enterprise gloo-fed-apiserver image

No scan found

Gloo Enterprise gloo-fed-apiserver-envoy image

No scan found

Gloo Enterprise gloo-federation-console image

No scan found

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No scan found

Release 1.12.26

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.26 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.26 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.26 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-43680 expat HIGH 2.4.9-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r3 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.26 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.26 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.26 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.26 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.26 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.26 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-40303 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.26 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.12.25

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.25 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.25 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.25 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-43680 expat HIGH 2.4.9-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r3 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.25 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.25 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.25 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.25 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.25 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.25 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-40303 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.25 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.12.24

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.24 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.24 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.24 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-43680 expat HIGH 2.4.9-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r3 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.24 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.24 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.24 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.24 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.24 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.24 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-40303 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.24 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.12.23

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.23 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.23 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.23 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-43680 expat HIGH 2.4.9-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r3 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.23 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.23 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.23 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.23 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.23 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.23 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-40303 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.23 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.12.22

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.22 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.22 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.22 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-43680 expat HIGH 2.4.9-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r3 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.22 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.22 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.22 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.22 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.22 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.22 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-40303 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.22 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.12.21

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.21 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.21 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.21 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-43680 expat HIGH 2.4.9-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r3 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.21 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.21 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.21 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.21 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.21 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.21 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-40303 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.21 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.12.20

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.20 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.20 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.20 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r3 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.20 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.20 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.20 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.20 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.20 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.20 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-40303 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.20 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.12.19

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.19 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.19 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.19 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r3 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.19 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.19 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.19 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.19 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.19 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.19 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-40303 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.19 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.12.18

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.18 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.18 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.18 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r3 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.18 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.18 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.18 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.18 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.18 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.18 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-40303 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.18 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.12.17

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.17 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.17 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.17 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r3 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.17 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.17 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.17 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.17 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.17 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.17 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-40303 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.17 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.12.16

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.16 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.16 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.16 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r3 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.16 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.16 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.16 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.16 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.16 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.16 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-40303 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.16 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220425223048-2871e0cb64e4 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.12.15

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.15 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.15 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.15 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r3 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.15 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.15 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.15 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.15 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.15 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.15 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-40303 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.15 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.12.14

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.14 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.14 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.14 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r3 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.14 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.14 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.14 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.14 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.14 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.14 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-40303 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.14 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.12.13

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.13 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.13 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.13 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r3 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.13 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.13 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.13 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.13 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.13 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.13 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-40303 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.13 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.12.12

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.12 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.12 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.12 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r3 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.12 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.12 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.12 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.12 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.12 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.12 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-40303 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.12 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.12.11

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.11 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.11 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.11 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r3 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.11 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.11 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.11 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.11 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.11 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.11 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-40303 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.11 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.12.10

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.10 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.10 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.10 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r2 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.10 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.10 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.10 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.10 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.10 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.10 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-40303 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.10 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.12.9

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.9 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.9 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.9 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r2 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.9 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.9 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.9 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.9 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.9 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.9 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-40303 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.9 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.12.8

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.8 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.8 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.8 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r2 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.8 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.8 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.8 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.8 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.8 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.8 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-40303 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.8 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.12.7

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.7 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.7 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.7 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r2 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.7 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.7 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.7 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.7 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.7 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.7 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.7 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.12.6

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.6 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.6 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.40.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-33082 github.com/open-policy-agent/opa HIGH v0.40.0 0.42.0 https://avd.aquasec.com/nvd/cve-2022-33082
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.6 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r2 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.6 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.6 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.40.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-33082 github.com/open-policy-agent/opa HIGH v0.40.0 0.42.0 https://avd.aquasec.com/nvd/cve-2022-33082
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.6 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.6 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.6 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.6 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.6 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.12.5

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.5 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.5 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.40.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-33082 github.com/open-policy-agent/opa HIGH v0.40.0 0.42.0 https://avd.aquasec.com/nvd/cve-2022-33082
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.5 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r2 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.5 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.5 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.40.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-33082 github.com/open-policy-agent/opa HIGH v0.40.0 0.42.0 https://avd.aquasec.com/nvd/cve-2022-33082
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.5 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.5 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.5 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.5 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.5 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.12.4

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.4 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.4 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.40.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-33082 github.com/open-policy-agent/opa HIGH v0.40.0 0.42.0 https://avd.aquasec.com/nvd/cve-2022-33082
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.4 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r2 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.4 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.4 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.40.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-33082 github.com/open-policy-agent/opa HIGH v0.40.0 0.42.0 https://avd.aquasec.com/nvd/cve-2022-33082
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.4 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.4 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.4 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.4 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.4 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.12.3

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.3 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.3 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.40.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-33082 github.com/open-policy-agent/opa HIGH v0.40.0 0.42.0 https://avd.aquasec.com/nvd/cve-2022-33082
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.3 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r2 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.3 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.3 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.40.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-33082 github.com/open-policy-agent/opa HIGH v0.40.0 0.42.0 https://avd.aquasec.com/nvd/cve-2022-33082
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.3 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.3 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.3 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.3 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.3 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.12.2

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.12.2 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.12.2 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.40.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-33082 github.com/open-policy-agent/opa HIGH v0.40.0 0.42.0 https://avd.aquasec.com/nvd/cve-2022-33082
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.2 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r2 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.12.2 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.12.2 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.40.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-33082 github.com/open-policy-agent/opa HIGH v0.40.0 0.42.0 https://avd.aquasec.com/nvd/cve-2022-33082
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.12.2 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.12.2 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.2 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.2 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.2 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.12.1

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.12.1 (alpine 3.15.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.12.1 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.40.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-33082 github.com/open-policy-agent/opa HIGH v0.40.0 0.42.0 https://avd.aquasec.com/nvd/cve-2022-33082
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.1 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r2 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.12.1 (alpine 3.15.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.12.1 (alpine 3.15.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.40.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-33082 github.com/open-policy-agent/opa HIGH v0.40.0 0.42.0 https://avd.aquasec.com/nvd/cve-2022-33082
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.12.1 (alpine 3.15.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.12.1 (alpine 3.16.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.1 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.1 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.1 (alpine 3.15.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.12.0

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.12.0 (alpine 3.15.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.12.0 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.40.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-33082 github.com/open-policy-agent/opa HIGH v0.40.0 0.42.0 https://avd.aquasec.com/nvd/cve-2022-33082
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.12.0 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r2 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.12.0 (alpine 3.15.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.12.0 (alpine 3.15.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.40.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-33082 github.com/open-policy-agent/opa HIGH v0.40.0 0.42.0 https://avd.aquasec.com/nvd/cve-2022-33082
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.12.0 (alpine 3.15.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.12.0 (alpine 3.16.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.12.0 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.12.0 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.12.0 (alpine 3.15.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Latest 1.11.x Gloo Enterprise Release: 1.11.50

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.11.50 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.11.50 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.11.50 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23521 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.11.50 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.11.50 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.11.50 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.11.50 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.11.50 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.11.50 (alpine 3.16.1)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.11.50 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
Release 1.11.49

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.11.49 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.11.49 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.11.49 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23521 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-43551 libcurl HIGH 7.80.0-r4 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.11.49 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.11.49 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.11.49 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.11.49 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.11.49 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.11.49 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-43551 curl HIGH 7.83.1-r4 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-43551 libcurl HIGH 7.83.1-r4 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.11.49 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
Release 1.11.48

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.11.48 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.11.48 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.11.48 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23521 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.5-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-43551 libcurl HIGH 7.80.0-r4 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.11.48 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.11.48 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.11.48 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.11.48 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.11.48 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.11.48 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-43551 curl HIGH 7.83.1-r4 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-43551 libcurl HIGH 7.83.1-r4 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.11.48 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
Release 1.11.47

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.11.47 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.11.47 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.11.47 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-43680 expat HIGH 2.4.9-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r3 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.11.47 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.11.47 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.11.47 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.11.47 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.11.47 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.11.47 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.11.47 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.11.46

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.11.46 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.11.46 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.11.46 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-43680 expat HIGH 2.4.9-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r3 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.11.46 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.11.46 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.11.46 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.11.46 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.11.46 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.11.46 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-40303 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.11.46 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.11.45

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.11.45 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.11.45 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.11.45 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-43680 expat HIGH 2.4.9-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r3 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.11.45 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.11.45 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.11.45 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.11.45 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.11.45 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.11.45 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-40303 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.11.45 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20221002022538-bcab6841153b 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.11.44

Gloo Enterprise rate-limit-ee image

No scan found

Gloo Enterprise gloo-ee image

No scan found

Gloo Enterprise gloo-ee-envoy-wrapper image

No scan found

Gloo Enterprise observability-ee image

No scan found

Gloo Enterprise extauth-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No scan found

Gloo Enterprise gloo-fed-apiserver image

No scan found

Gloo Enterprise gloo-fed-apiserver-envoy image

No scan found

Gloo Enterprise gloo-federation-console image

No scan found

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No scan found

Release 1.11.43

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.11.43 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.11.43 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.11.43 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-43680 expat HIGH 2.4.9-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r3 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.11.43 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.11.43 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.11.43 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.11.43 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.11.43 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.11.43 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-40303 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.11.43 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220225172249-27dd8689420f 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.11.42

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.11.42 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.11.42 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.11.42 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-43680 expat HIGH 2.4.9-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r3 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.11.42 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.11.42 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.11.42 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.11.42 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.11.42 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.11.42 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-40303 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.11.42 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.11.41

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.11.41 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.11.41 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.11.41 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r3 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.11.41 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.11.41 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.11.41 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.11.41 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.11.41 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.11.41 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-40303 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.11.41 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-41721 golang.org/x/net HIGH v0.0.0-20220906165146-f3363e06e74c 0.1.1-0.20221104162952-702349b0e862 https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.11.40

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.11.40 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.11.40 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.11.40 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r3 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.11.40 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.11.40 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.11.40 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.11.40 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.11.40 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.11.40 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-40303 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.11.40 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.11.39

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.11.39 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.11.39 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.11.39 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r3 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.11.39 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.11.39 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.11.39 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.11.39 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.11.39 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.11.39 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-40303 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.11.39 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.11.38

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.11.38 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.11.38 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.11.38 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r3 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r3 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.11.38 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.11.38 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.11.38 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.11.38 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.11.38 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.11.38 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-40303 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.11.38 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.11.37

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.11.37 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.11.37 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.11.37 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r2 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.11.37 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.11.37 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.11.37 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.11.37 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.11.37 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.11.37 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-40303 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.11.37 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.11.36

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.11.36 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.11.36 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.11.36 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r2 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.11.36 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.11.36 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.11.36 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.11.36 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.11.36 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.11.36 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.11.36 (alpine 3.15.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.11.35

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.11.35 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.11.35 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.11.35 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r2 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.11.35 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.11.35 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.42.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.11.35 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.11.35 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.11.35 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.11.35 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.11.35 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220127200216-cd36cc0744dd 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.11.34

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.11.34 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.11.34 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.40.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-33082 github.com/open-policy-agent/opa HIGH v0.40.0 0.42.0 https://avd.aquasec.com/nvd/cve-2022-33082
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.11.34 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r2 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.11.34 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.11.34 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.40.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-33082 github.com/open-policy-agent/opa HIGH v0.40.0 0.42.0 https://avd.aquasec.com/nvd/cve-2022-33082
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.11.34 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.11.34 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.11.34 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.11.34 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.11.34 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.11.33

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.11.33 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.11.33 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.40.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-33082 github.com/open-policy-agent/opa HIGH v0.40.0 0.42.0 https://avd.aquasec.com/nvd/cve-2022-33082
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.11.33 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r2 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.11.33 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.11.33 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.40.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-33082 github.com/open-policy-agent/opa HIGH v0.40.0 0.42.0 https://avd.aquasec.com/nvd/cve-2022-33082
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.11.33 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.11.33 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.11.33 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.11.33 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.11.33 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.11.32

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.11.32 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.11.32 (alpine 3.15.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.40.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-33082 github.com/open-policy-agent/opa HIGH v0.40.0 0.42.0 https://avd.aquasec.com/nvd/cve-2022-33082
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.11.32 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r2 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.11.32 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.11.32 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.40.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-33082 github.com/open-policy-agent/opa HIGH v0.40.0 0.42.0 https://avd.aquasec.com/nvd/cve-2022-33082
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.11.32 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.11.32 (alpine 3.16.0)

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.11.32 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.11.32 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.11.32 (alpine 3.15.5)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.11.31

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.11.31 (alpine 3.15.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.11.31 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.40.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-33082 github.com/open-policy-agent/opa HIGH v0.40.0 0.42.0 https://avd.aquasec.com/nvd/cve-2022-33082
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.11.31 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r2 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.11.31 (alpine 3.15.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.11.31 (alpine 3.15.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.40.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-33082 github.com/open-policy-agent/opa HIGH v0.40.0 0.42.0 https://avd.aquasec.com/nvd/cve-2022-33082
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.11.31 (alpine 3.15.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.11.31 (alpine 3.16.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.11.31 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.11.31 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.11.31 (alpine 3.15.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.11.30

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.11.30 (alpine 3.15.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.11.30 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.40.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-33082 github.com/open-policy-agent/opa HIGH v0.40.0 0.42.0 https://avd.aquasec.com/nvd/cve-2022-33082
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.11.30 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r2 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.11.30 (alpine 3.15.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.11.30 (alpine 3.15.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.40.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-33082 github.com/open-policy-agent/opa HIGH v0.40.0 0.42.0 https://avd.aquasec.com/nvd/cve-2022-33082
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.11.30 (alpine 3.15.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.11.30 (alpine 3.16.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.11.30 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.11.30 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.11.30 (alpine 3.15.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.11.29

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.11.29 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.11.29 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.40.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-33082 github.com/open-policy-agent/opa HIGH v0.40.0 0.42.0 https://avd.aquasec.com/nvd/cve-2022-33082
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.11.29 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.4-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-39260 git HIGH 2.34.4-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r2 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.11.29 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.11.29 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-36085 github.com/open-policy-agent/opa CRITICAL v0.40.0 0.44.0 https://avd.aquasec.com/nvd/cve-2022-36085
CVE-2022-33082 github.com/open-policy-agent/opa HIGH v0.40.0 0.42.0 https://avd.aquasec.com/nvd/cve-2022-33082
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.11.29 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.11.29 (alpine 3.16.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-30065 busybox HIGH 1.35.0-r14 1.35.0-r15 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-30065 ssl_client HIGH 1.35.0-r14 1.35.0-r15 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.11.29 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.11.29 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-30065 busybox HIGH 1.32.1-r8 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-29458 ncurses-libs HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-30065 ssl_client HIGH 1.32.1-r8 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.11.29 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20220107192237-5cfca573fb4d 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.11.28

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.11.28 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.11.28 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28946 github.com/open-policy-agent/opa HIGH v0.29.4 0.40.0 https://avd.aquasec.com/nvd/cve-2022-28946
CVE-2022-33082 github.com/open-policy-agent/opa HIGH v0.29.4 0.42.0 https://avd.aquasec.com/nvd/cve-2022-33082
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.11.28 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.2-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.2-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-29187 git HIGH 2.34.2-r0 2.34.4-r0 https://avd.aquasec.com/nvd/cve-2022-29187
CVE-2022-39260 git HIGH 2.34.2-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r2 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.11.28 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.11.28 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28946 github.com/open-policy-agent/opa HIGH v0.29.4 0.40.0 https://avd.aquasec.com/nvd/cve-2022-28946
CVE-2022-33082 github.com/open-policy-agent/opa HIGH v0.29.4 0.42.0 https://avd.aquasec.com/nvd/cve-2022-33082
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.11.28 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.11.28 (alpine 3.16.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-30065 busybox HIGH 1.35.0-r14 1.35.0-r15 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-30065 ssl_client HIGH 1.35.0-r14 1.35.0-r15 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.11.28 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.11.28 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-30065 busybox HIGH 1.32.1-r8 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-29458 ncurses-libs HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-30065 ssl_client HIGH 1.32.1-r8 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.11.28 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.11.27

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.11.27 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.11.27 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28946 github.com/open-policy-agent/opa HIGH v0.29.4 0.40.0 https://avd.aquasec.com/nvd/cve-2022-28946
CVE-2022-33082 github.com/open-policy-agent/opa HIGH v0.29.4 0.42.0 https://avd.aquasec.com/nvd/cve-2022-33082
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.11.27 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.2-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.2-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-29187 git HIGH 2.34.2-r0 2.34.4-r0 https://avd.aquasec.com/nvd/cve-2022-29187
CVE-2022-39260 git HIGH 2.34.2-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r2 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.11.27 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.11.27 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28946 github.com/open-policy-agent/opa HIGH v0.29.4 0.40.0 https://avd.aquasec.com/nvd/cve-2022-28946
CVE-2022-33082 github.com/open-policy-agent/opa HIGH v0.29.4 0.42.0 https://avd.aquasec.com/nvd/cve-2022-33082
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.11.27 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.11.27 (alpine 3.16.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-30065 busybox HIGH 1.35.0-r14 1.35.0-r15 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-30065 ssl_client HIGH 1.35.0-r14 1.35.0-r15 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.11.27 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.11.27 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-30065 busybox HIGH 1.32.1-r8 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-29458 ncurses-libs HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-30065 ssl_client HIGH 1.32.1-r8 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.11.27 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.11.26

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.11.26 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.11.26 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28946 github.com/open-policy-agent/opa HIGH v0.29.4 0.40.0 https://avd.aquasec.com/nvd/cve-2022-28946
CVE-2022-33082 github.com/open-policy-agent/opa HIGH v0.29.4 0.42.0 https://avd.aquasec.com/nvd/cve-2022-33082
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.11.26 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.2-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.2-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-29187 git HIGH 2.34.2-r0 2.34.4-r0 https://avd.aquasec.com/nvd/cve-2022-29187
CVE-2022-39260 git HIGH 2.34.2-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r2 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.11.26 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.11.26 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28946 github.com/open-policy-agent/opa HIGH v0.29.4 0.40.0 https://avd.aquasec.com/nvd/cve-2022-28946
CVE-2022-33082 github.com/open-policy-agent/opa HIGH v0.29.4 0.42.0 https://avd.aquasec.com/nvd/cve-2022-33082
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.11.26 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.11.26 (alpine 3.16.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-30065 busybox HIGH 1.35.0-r14 1.35.0-r15 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-30065 ssl_client HIGH 1.35.0-r14 1.35.0-r15 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.11.26 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.11.26 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-30065 busybox HIGH 1.32.1-r8 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-29458 ncurses-libs HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-30065 ssl_client HIGH 1.32.1-r8 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.11.26 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.11.25

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.11.25 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.11.25 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28946 github.com/open-policy-agent/opa HIGH v0.29.4 0.40.0 https://avd.aquasec.com/nvd/cve-2022-28946
CVE-2022-33082 github.com/open-policy-agent/opa HIGH v0.29.4 0.42.0 https://avd.aquasec.com/nvd/cve-2022-33082
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.11.25 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.2-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.2-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-29187 git HIGH 2.34.2-r0 2.34.4-r0 https://avd.aquasec.com/nvd/cve-2022-29187
CVE-2022-39260 git HIGH 2.34.2-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32221 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.80.0-r2 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r2 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.11.25 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.11.25 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28946 github.com/open-policy-agent/opa HIGH v0.29.4 0.40.0 https://avd.aquasec.com/nvd/cve-2022-28946
CVE-2022-33082 github.com/open-policy-agent/opa HIGH v0.29.4 0.42.0 https://avd.aquasec.com/nvd/cve-2022-33082
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.11.25 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.11.25 (alpine 3.16.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-30065 busybox HIGH 1.35.0-r14 1.35.0-r15 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-30065 ssl_client HIGH 1.35.0-r14 1.35.0-r15 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.11.25 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.11.25 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-30065 busybox HIGH 1.32.1-r8 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-29458 ncurses-libs HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-30065 ssl_client HIGH 1.32.1-r8 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.11.25 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.11.24

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.11.24 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.11.24 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28946 github.com/open-policy-agent/opa HIGH v0.29.4 0.40.0 https://avd.aquasec.com/nvd/cve-2022-28946
CVE-2022-33082 github.com/open-policy-agent/opa HIGH v0.29.4 0.42.0 https://avd.aquasec.com/nvd/cve-2022-33082
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.11.24 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.2-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.2-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-29187 git HIGH 2.34.2-r0 2.34.4-r0 https://avd.aquasec.com/nvd/cve-2022-29187
CVE-2022-39260 git HIGH 2.34.2-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32207 libcurl CRITICAL 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221 libcurl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916 libcurl HIGH 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r1 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.11.24 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.11.24 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28946 github.com/open-policy-agent/opa HIGH v0.29.4 0.40.0 https://avd.aquasec.com/nvd/cve-2022-28946
CVE-2022-33082 github.com/open-policy-agent/opa HIGH v0.29.4 0.42.0 https://avd.aquasec.com/nvd/cve-2022-33082
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.11.24 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.11.24 (alpine 3.16.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-30065 busybox HIGH 1.35.0-r14 1.35.0-r15 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-30065 ssl_client HIGH 1.35.0-r14 1.35.0-r15 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.11.24 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.11.24 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-30065 busybox HIGH 1.32.1-r8 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207 curl CRITICAL 7.79.1-r1 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-27781 curl HIGH 7.79.1-r1 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.79.1-r1 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-32207 libcurl CRITICAL 7.79.1-r1 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-27781 libcurl HIGH 7.79.1-r1 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.79.1-r1 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-29458 ncurses-libs HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-30065 ssl_client HIGH 1.32.1-r8 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.11.24 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.11.23

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.11.23 (alpine 3.13.10)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-30065 busybox HIGH 1.32.1-r8 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-30065 ssl_client HIGH 1.32.1-r8 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.11.23 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28946 github.com/open-policy-agent/opa HIGH v0.29.4 0.40.0 https://avd.aquasec.com/nvd/cve-2022-28946
CVE-2022-33082 github.com/open-policy-agent/opa HIGH v0.29.4 0.42.0 https://avd.aquasec.com/nvd/cve-2022-33082
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.11.23 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-40674 expat CRITICAL 2.4.7-r0 2.4.9-r0 https://avd.aquasec.com/nvd/cve-2022-40674
CVE-2022-43680 expat HIGH 2.4.7-r0 2.5.0-r0 https://avd.aquasec.com/nvd/cve-2022-43680
CVE-2022-23521 git CRITICAL 2.34.2-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-23521
CVE-2022-41903 git CRITICAL 2.34.2-r0 2.34.6-r0 https://avd.aquasec.com/nvd/cve-2022-41903
CVE-2022-29187 git HIGH 2.34.2-r0 2.34.4-r0 https://avd.aquasec.com/nvd/cve-2022-29187
CVE-2022-39260 git HIGH 2.34.2-r0 2.34.5-r0 https://avd.aquasec.com/nvd/cve-2022-39260
CVE-2022-32207 libcurl CRITICAL 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221 libcurl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916 libcurl HIGH 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r1 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.11.23 (alpine 3.13.10)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-30065 busybox HIGH 1.32.1-r8 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-30065 ssl_client HIGH 1.32.1-r8 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.11.23 (alpine 3.13.10)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-30065 busybox HIGH 1.32.1-r8 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-30065 ssl_client HIGH 1.32.1-r8 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28946 github.com/open-policy-agent/opa HIGH v0.29.4 0.40.0 https://avd.aquasec.com/nvd/cve-2022-28946
CVE-2022-33082 github.com/open-policy-agent/opa HIGH v0.29.4 0.42.0 https://avd.aquasec.com/nvd/cve-2022-33082
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.11.23 (alpine 3.13.10)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-30065 busybox HIGH 1.32.1-r8 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-30065 ssl_client HIGH 1.32.1-r8 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.11.23 (alpine 3.16.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-30065 busybox HIGH 1.35.0-r14 1.35.0-r15 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-30065 ssl_client HIGH 1.35.0-r14 1.35.0-r15 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

No Vulnerabilities Found for Node.js

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.11.23 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.11.23 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-30065 busybox HIGH 1.32.1-r8 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207 curl CRITICAL 7.79.1-r1 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-27781 curl HIGH 7.79.1-r1 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.79.1-r1 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-32207 libcurl CRITICAL 7.79.1-r1 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-27781 libcurl HIGH 7.79.1-r1 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.79.1-r1 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-29458 ncurses-libs HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-30065 ssl_client HIGH 1.32.1-r8 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.11.23 (alpine 3.13.10)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-30065 busybox HIGH 1.32.1-r8 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-30065 ssl_client HIGH 1.32.1-r8 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.11.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2022-27664 golang.org/x/net HIGH v0.0.0-20211205041911-012df41ee64c 0.0.0-20220906165146-f3363e06e74c https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
Release 1.11.22

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.11.22 (alpine 3.13.10)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-30065 busybox HIGH 1.32.1-r8 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-30065 ssl_client HIGH 1.32.1-r8 1.32.1-r9