Gloo Edge Enterprise

Gloo container images are scanned using Trivy for HIGH and CRITICAL vulnerabilities.

Latest 1.9.x Gloo Enterprise Release: 1.9.6

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.9.6 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.9.6 (alpine 3.14.2)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.9.6 (alpine 3.14.2)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.9.6 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.9.6 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.9.6 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.9.6 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.9.6 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.9.6 (alpine 3.13.3)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.9.6 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.9.5

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.9.5 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.9.5 (alpine 3.14.2)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.9.5 (alpine 3.14.2)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.9.5 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.9.5 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.9.5 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.9.5 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.9.5 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.9.5 (alpine 3.13.3)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.9.5 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.9.4

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.9.4 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.9.4 (alpine 3.14.2)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.9.4 (alpine 3.14.2)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.9.4 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.9.4 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.9.4 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.9.4 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.9.4 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.9.4 (alpine 3.13.3)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.9.4 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.9.3

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.9.3 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.9.3 (alpine 3.14.2)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.9.3 (alpine 3.14.2)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.9.3 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.9.3 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.9.3 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.9.3 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.9.3 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.9.3 (alpine 3.13.3)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.9.3 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.9.2

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.9.2 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.9.2 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.9.2 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.9.2 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.9.2 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.9.2 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.9.2 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.9.2 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.9.2 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.9.2 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.9.1

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.9.1 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.9.1 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.9.1 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.9.1 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.9.1 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.9.1 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.9.1 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.9.1 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.9.1 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.9.1 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.9.0

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.9.0 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.9.0 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.9.0 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.9.0 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.9.0 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.9.0 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.9.0 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.9.0 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.9.0 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.9.0 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Latest 1.8.x Gloo Enterprise Release: 1.8.23

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.8.23 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.8.23 (alpine 3.14.2)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.23 (alpine 3.14.2)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.8.23 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.8.23 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.8.23 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.8.23 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.23 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.8.23 (alpine 3.13.3)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.23 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.8.22

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.8.22 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.8.22 (alpine 3.14.2)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.22 (alpine 3.14.2)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.8.22 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.8.22 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.8.22 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.8.22 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.22 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.8.22 (alpine 3.13.3)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.22 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.8.21

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.8.21 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.8.21 (alpine 3.14.2)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.21 (alpine 3.14.2)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.8.21 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.8.21 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.8.21 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.8.21 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.21 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.8.21 (alpine 3.13.3)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.21 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.8.20

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.8.20 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.8.20 (alpine 3.14.2)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.20 (alpine 3.14.2)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.8.20 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.8.20 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.8.20 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.8.20 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.20 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.8.20 (alpine 3.13.3)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.20 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.8.19

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.8.19 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.8.19 (alpine 3.14.2)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.19 (alpine 3.14.2)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.8.19 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.8.19 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.8.19 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.8.19 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.19 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.8.19 (alpine 3.13.3)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.19 (alpine 3.13.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.8.18

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.8.18 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.8.18 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r5 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r5 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r5 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r5 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r5 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r5 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r5 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r5 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r5 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r5 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r5 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r5 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r5 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r5 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r5 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r5 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r5 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r5 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.18 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r5 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r5 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r5 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r5 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r5 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r5 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r5 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r5 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r5 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r5 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r5 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r5 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r5 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r5 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r5 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r5 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r5 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r5 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.8.18 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.8.18 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.8.18 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.8.18 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.18 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.8.18 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.18 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.8.17

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.8.17 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.8.17 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.17 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.8.17 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.8.17 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.8.17 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.8.17 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.17 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.8.17 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.17 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.8.16

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.8.16 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.8.16 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.16 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.8.16 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.8.16 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.8.16 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.8.16 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.16 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.8.16 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.16 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.8.15

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.8.15 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.8.15 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.15 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.8.15 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.8.15 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.8.15 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.8.15 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.15 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.8.15 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.15 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.8.14

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.8.14 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.8.14 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2017-11468 github.com/docker/distribution HIGH v0.0.0-20191216044856-a8371794149d v2.7.0-rc.0+incompatible https://avd.aquasec.com/nvd/cve-2017-11468

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.14 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.8.14 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.8.14 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.8.14 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2017-11468 github.com/docker/distribution HIGH v0.0.0-20191216044856-a8371794149d v2.7.0-rc.0+incompatible https://avd.aquasec.com/nvd/cve-2017-11468

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.8.14 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2017-11468 github.com/docker/distribution HIGH v0.0.0-20191216044856-a8371794149d v2.7.0-rc.0+incompatible https://avd.aquasec.com/nvd/cve-2017-11468

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.14 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.8.14 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.14 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.8.13

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.8.13 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.8.13 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-21272 github.com/deislabs/oras HIGH v0.8.1 v0.9.0 https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2021-41092 github.com/docker/cli HIGH v0.0.0-20200210162036-a4bedce16568 v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.13 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.8.13 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.8.13 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.8.13 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.8.13 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.13 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.8.13 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.13 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.8.12

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.8.12 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.8.12 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-21272 github.com/deislabs/oras HIGH v0.8.1 v0.9.0 https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2021-41092 github.com/docker/cli HIGH v0.0.0-20200210162036-a4bedce16568 v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.12 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.8.12 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.8.12 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.8.12 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.8.12 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.12 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.8.12 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.12 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.8.11

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.8.11 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.8.11 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-21272 github.com/deislabs/oras HIGH v0.8.1 v0.9.0 https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2021-41092 github.com/docker/cli HIGH v0.0.0-20200210162036-a4bedce16568 v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.11 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-22945 libcurl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22946 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.8.11 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.8.11 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.8.11 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.8.11 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.11 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.8.11 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-22945 curl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22946 curl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-22945 libcurl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22946 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.11 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.8.10

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.8.10 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.8.10 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-21272 github.com/deislabs/oras HIGH v0.8.1 v0.9.0 https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2021-41092 github.com/docker/cli HIGH v0.0.0-20200210162036-a4bedce16568 v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.10 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-22945 libcurl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22946 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.8.10 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.8.10 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.8.10 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.8.10 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.10 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.8.10 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-22945 curl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22946 curl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-22945 libcurl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22946 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.10 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.8.9

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.8.9 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.8.9 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-21272 github.com/deislabs/oras HIGH v0.8.1 v0.9.0 https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2021-41092 github.com/docker/cli HIGH v0.0.0-20200210162036-a4bedce16568 v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.9 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-22945 libcurl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22946 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.8.9 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.8.9 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.8.9 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.8.9 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.9 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.8.9 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-22945 curl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22946 curl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-22945 libcurl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22946 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.9 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.8.8

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.8.8 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.8.8 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-21272 github.com/deislabs/oras HIGH v0.8.1 v0.9.0 https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2021-41092 github.com/docker/cli HIGH v0.0.0-20200210162036-a4bedce16568 v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.8 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-22945 libcurl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22946 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.8.8 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.8.8 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.8.8 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.8.8 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.8 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.8.8 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-22945 curl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22946 curl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-22945 libcurl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22946 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.8 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.8.7

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.8.7 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.8.7 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-21272 github.com/deislabs/oras HIGH v0.8.1 v0.9.0 https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2021-41092 github.com/docker/cli HIGH v0.0.0-20200210162036-a4bedce16568 v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.7 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-22945 libcurl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22946 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.8.7 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.8.7 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.8.7 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.8.7 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.7 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.8.7 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-42378 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-22945 curl CRITICAL 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl CRITICAL 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-42378 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.7 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.8.6

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.8.6 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.8.6 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-21272 github.com/deislabs/oras HIGH v0.8.1 v0.9.0 https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2021-41092 github.com/docker/cli HIGH v0.0.0-20200210162036-a4bedce16568 v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.6 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22946 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.8.6 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.8.6 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.8.6 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.8.6 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.6 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.8.6 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-42378 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-22945 curl CRITICAL 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl CRITICAL 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-42378 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.6 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.8.5

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.8.5 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.8.5 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-21272 github.com/deislabs/oras HIGH v0.8.1 v0.9.0 https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2021-41092 github.com/docker/cli HIGH v0.0.0-20200210162036-a4bedce16568 v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.5 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22946 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.8.5 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.8.5 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.8.5 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.8.5 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.5 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.8.5 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-42378 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-22945 curl CRITICAL 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl CRITICAL 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-42378 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.5 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.8.4

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.8.4 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.8.4 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-21272 github.com/deislabs/oras HIGH v0.8.1 v0.9.0 https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2021-41092 github.com/docker/cli HIGH v0.0.0-20200210162036-a4bedce16568 v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.4 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22946 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.8.4 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.8.4 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.8.4 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.8.4 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.4 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.8.4 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-42378 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-22945 curl CRITICAL 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl CRITICAL 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-42378 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.4 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.8.3

Gloo Enterprise rate-limit-ee image

No scan found

Gloo Enterprise gloo-ee image

No scan found

Gloo Enterprise gloo-ee-envoy-wrapper image

No scan found

Gloo Enterprise observability-ee image

No scan found

Gloo Enterprise extauth-ee image

No scan found

Gloo Enterprise gloo-fed image

No scan found

Gloo Enterprise gloo-fed-apiserver image

No scan found

Gloo Enterprise gloo-fed-apiserver-envoy image

No scan found

Gloo Enterprise gloo-federation-console image

No scan found

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No scan found

Release 1.8.2

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.8.2 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.8.2 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-21272 github.com/deislabs/oras HIGH v0.8.1 v0.9.0 https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2021-41092 github.com/docker/cli HIGH v0.0.0-20200210162036-a4bedce16568 v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.2 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22946 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.8.2 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.8.2 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.8.2 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.8.2 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.2 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.8.2 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-42378 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-22945 curl CRITICAL 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl CRITICAL 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-42378 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.2 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.8.1

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.8.1 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.8.1 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-21272 github.com/deislabs/oras HIGH v0.8.1 v0.9.0 https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2021-41092 github.com/docker/cli HIGH v0.0.0-20200210162036-a4bedce16568 v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.1 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl CRITICAL 7.77.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22946 libcurl HIGH 7.77.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.8.1 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.8.1 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.8.1 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.8.1 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver-envoy:1.8.1 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.43 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.7 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.8.1 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-42378 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-22945 curl CRITICAL 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl CRITICAL 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-42378 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.8.1 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.8.0

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.8.0 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.8.0 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-21272 github.com/deislabs/oras HIGH v0.8.1 v0.9.0 https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2021-41092 github.com/docker/cli HIGH v0.0.0-20200210162036-a4bedce16568 v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.8.0 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl CRITICAL 7.77.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22946 libcurl HIGH 7.77.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-