Gloo Open Source

Gloo container images are scanned using Trivy for HIGH and CRITICAL vulnerabilities.

Latest 1.11.x Gloo Open Source Release: 1.11.19

Gloo access-logger image

No Vulnerabilities Found for quay.io/solo-io/access-logger:1.11.19 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/access-logger

Gloo certgen image

No Vulnerabilities Found for quay.io/solo-io/certgen:1.11.19 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/certgen

Gloo discovery image

No Vulnerabilities Found for quay.io/solo-io/discovery:1.11.19 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/discovery

Gloo gateway image

No Vulnerabilities Found for quay.io/solo-io/gateway:1.11.19 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/gateway

Gloo gloo image

No Vulnerabilities Found for quay.io/solo-io/gloo:1.11.19 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo gloo-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.11.19 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

No Vulnerabilities Found for quay.io/solo-io/ingress:1.11.19 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/ingress

Gloo sds image

No Vulnerabilities Found for quay.io/solo-io/sds:1.11.19 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/sds

Release 1.11.18

Gloo access-logger image

No scan found

Gloo certgen image

No scan found

Gloo discovery image

No scan found

Gloo gateway image

No scan found

Gloo gloo image

No scan found

Gloo gloo-envoy-wrapper image

No scan found

Gloo ingress image

No scan found

Gloo sds image

No scan found

Release 1.11.17

Gloo access-logger image

No Vulnerabilities Found for quay.io/solo-io/access-logger:1.11.17 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/access-logger

Gloo certgen image

No Vulnerabilities Found for quay.io/solo-io/certgen:1.11.17 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/certgen

Gloo discovery image

No Vulnerabilities Found for quay.io/solo-io/discovery:1.11.17 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/discovery

Gloo gateway image

No Vulnerabilities Found for quay.io/solo-io/gateway:1.11.17 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/gateway

Gloo gloo image

No Vulnerabilities Found for quay.io/solo-io/gloo:1.11.17 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo gloo-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.11.17 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

No Vulnerabilities Found for quay.io/solo-io/ingress:1.11.17 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/ingress

Gloo sds image

No Vulnerabilities Found for quay.io/solo-io/sds:1.11.17 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/sds

Release 1.11.16

Gloo access-logger image

No scan found

Gloo certgen image

No scan found

Gloo discovery image

No scan found

Gloo gateway image

No scan found

Gloo gloo image

No scan found

Gloo gloo-envoy-wrapper image

No scan found

Gloo ingress image

No scan found

Gloo sds image

No scan found

Release 1.11.15

Gloo access-logger image

No Vulnerabilities Found for quay.io/solo-io/access-logger:1.11.15 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/access-logger

Gloo certgen image

No Vulnerabilities Found for quay.io/solo-io/certgen:1.11.15 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/certgen

Gloo discovery image

No Vulnerabilities Found for quay.io/solo-io/discovery:1.11.15 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/discovery

Gloo gateway image

No Vulnerabilities Found for quay.io/solo-io/gateway:1.11.15 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/gateway

Gloo gloo image

No Vulnerabilities Found for quay.io/solo-io/gloo:1.11.15 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo gloo-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.11.15 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

No Vulnerabilities Found for quay.io/solo-io/ingress:1.11.15 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/ingress

Gloo sds image

No Vulnerabilities Found for quay.io/solo-io/sds:1.11.15 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/sds

Release 1.11.14

Gloo access-logger image

No Vulnerabilities Found for quay.io/solo-io/access-logger:1.11.14 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/access-logger

Gloo certgen image

No Vulnerabilities Found for quay.io/solo-io/certgen:1.11.14 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/certgen

Gloo discovery image

No Vulnerabilities Found for quay.io/solo-io/discovery:1.11.14 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/discovery

Gloo gateway image

No Vulnerabilities Found for quay.io/solo-io/gateway:1.11.14 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/gateway

Gloo gloo image

No Vulnerabilities Found for quay.io/solo-io/gloo:1.11.14 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo gloo-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.11.14 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

No Vulnerabilities Found for quay.io/solo-io/ingress:1.11.14 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/ingress

Gloo sds image

No Vulnerabilities Found for quay.io/solo-io/sds:1.11.14 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/sds

Release 1.11.13

Gloo access-logger image

No Vulnerabilities Found for quay.io/solo-io/access-logger:1.11.13 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/access-logger

Gloo certgen image

No Vulnerabilities Found for quay.io/solo-io/certgen:1.11.13 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/certgen

Gloo discovery image

No Vulnerabilities Found for quay.io/solo-io/discovery:1.11.13 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/discovery

Gloo gateway image

No Vulnerabilities Found for quay.io/solo-io/gateway:1.11.13 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/gateway

Gloo gloo image

No Vulnerabilities Found for quay.io/solo-io/gloo:1.11.13 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo gloo-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.11.13 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

No Vulnerabilities Found for quay.io/solo-io/ingress:1.11.13 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/ingress

Gloo sds image

No Vulnerabilities Found for quay.io/solo-io/sds:1.11.13 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/sds

Release 1.11.12

Gloo access-logger image

No Vulnerabilities Found for quay.io/solo-io/access-logger:1.11.12 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/access-logger

Gloo certgen image

No Vulnerabilities Found for quay.io/solo-io/certgen:1.11.12 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/certgen

Gloo discovery image

No Vulnerabilities Found for quay.io/solo-io/discovery:1.11.12 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/discovery

Gloo gateway image

No Vulnerabilities Found for quay.io/solo-io/gateway:1.11.12 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/gateway

Gloo gloo image

No Vulnerabilities Found for quay.io/solo-io/gloo:1.11.12 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo gloo-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.11.12 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

No Vulnerabilities Found for quay.io/solo-io/ingress:1.11.12 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/ingress

Gloo sds image

No Vulnerabilities Found for quay.io/solo-io/sds:1.11.12 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/sds

Release 1.11.11

Gloo access-logger image

No scan found

Gloo certgen image

No scan found

Gloo discovery image

No scan found

Gloo gateway image

No scan found

Gloo gloo image

No scan found

Gloo gloo-envoy-wrapper image

No scan found

Gloo ingress image

No scan found

Gloo sds image

No scan found

Release 1.11.10

Gloo access-logger image

No Vulnerabilities Found for quay.io/solo-io/access-logger:1.11.10 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/access-logger

Gloo certgen image

No Vulnerabilities Found for quay.io/solo-io/certgen:1.11.10 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/certgen

Gloo discovery image

No Vulnerabilities Found for quay.io/solo-io/discovery:1.11.10 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/discovery

Gloo gateway image

No Vulnerabilities Found for quay.io/solo-io/gateway:1.11.10 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/gateway

Gloo gloo image

No Vulnerabilities Found for quay.io/solo-io/gloo:1.11.10 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo gloo-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.11.10 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

No Vulnerabilities Found for quay.io/solo-io/ingress:1.11.10 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/ingress

Gloo sds image

No Vulnerabilities Found for quay.io/solo-io/sds:1.11.10 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/sds

Release 1.11.9

Gloo access-logger image

No scan found

Gloo certgen image

No scan found

Gloo discovery image

No scan found

Gloo gateway image

No scan found

Gloo gloo image

No scan found

Gloo gloo-envoy-wrapper image

No scan found

Gloo ingress image

No scan found

Gloo sds image

No scan found

Release 1.11.8

Gloo access-logger image

No scan found

Gloo certgen image

No scan found

Gloo discovery image

No scan found

Gloo gateway image

No scan found

Gloo gloo image

No scan found

Gloo gloo-envoy-wrapper image

No scan found

Gloo ingress image

No scan found

Gloo sds image

No scan found

Release 1.11.7

Gloo access-logger image

No Vulnerabilities Found for quay.io/solo-io/access-logger:1.11.7 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/access-logger

Gloo certgen image

No Vulnerabilities Found for quay.io/solo-io/certgen:1.11.7 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/certgen

Gloo discovery image

No Vulnerabilities Found for quay.io/solo-io/discovery:1.11.7 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/discovery

Gloo gateway image

No Vulnerabilities Found for quay.io/solo-io/gateway:1.11.7 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/gateway

Gloo gloo image

No Vulnerabilities Found for quay.io/solo-io/gloo:1.11.7 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo gloo-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.11.7 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

No Vulnerabilities Found for quay.io/solo-io/ingress:1.11.7 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/ingress

Gloo sds image

No Vulnerabilities Found for quay.io/solo-io/sds:1.11.7 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/sds

Release 1.11.6

Gloo access-logger image

No Vulnerabilities Found for quay.io/solo-io/access-logger:1.11.6 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

No Vulnerabilities Found for quay.io/solo-io/certgen:1.11.6 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

No Vulnerabilities Found for quay.io/solo-io/discovery:1.11.6 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

No Vulnerabilities Found for quay.io/solo-io/gateway:1.11.6 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

No Vulnerabilities Found for quay.io/solo-io/gloo:1.11.6 (alpine 3.15.0)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.11.6 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

No Vulnerabilities Found for quay.io/solo-io/ingress:1.11.6 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

No Vulnerabilities Found for quay.io/solo-io/sds:1.11.6 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.11.5

Gloo access-logger image

No Vulnerabilities Found for quay.io/solo-io/access-logger:1.11.5 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

No Vulnerabilities Found for quay.io/solo-io/certgen:1.11.5 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

No Vulnerabilities Found for quay.io/solo-io/discovery:1.11.5 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

No Vulnerabilities Found for quay.io/solo-io/gateway:1.11.5 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

No Vulnerabilities Found for quay.io/solo-io/gloo:1.11.5 (alpine 3.15.0)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.11.5 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

No Vulnerabilities Found for quay.io/solo-io/ingress:1.11.5 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

No Vulnerabilities Found for quay.io/solo-io/sds:1.11.5 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.11.4

Gloo access-logger image

No Vulnerabilities Found for quay.io/solo-io/access-logger:1.11.4 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

No Vulnerabilities Found for quay.io/solo-io/certgen:1.11.4 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

No Vulnerabilities Found for quay.io/solo-io/discovery:1.11.4 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

No Vulnerabilities Found for quay.io/solo-io/gateway:1.11.4 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

No Vulnerabilities Found for quay.io/solo-io/gloo:1.11.4 (alpine 3.15.0)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.11.4 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

No Vulnerabilities Found for quay.io/solo-io/ingress:1.11.4 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

No Vulnerabilities Found for quay.io/solo-io/sds:1.11.4 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.11.3

Gloo access-logger image

No Vulnerabilities Found for quay.io/solo-io/access-logger:1.11.3 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

No Vulnerabilities Found for quay.io/solo-io/certgen:1.11.3 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

No Vulnerabilities Found for quay.io/solo-io/discovery:1.11.3 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

No Vulnerabilities Found for quay.io/solo-io/gateway:1.11.3 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

No Vulnerabilities Found for quay.io/solo-io/gloo:1.11.3 (alpine 3.15.0)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.11.3 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

No Vulnerabilities Found for quay.io/solo-io/ingress:1.11.3 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

No Vulnerabilities Found for quay.io/solo-io/sds:1.11.3 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.11.2

Gloo access-logger image

No Vulnerabilities Found for quay.io/solo-io/access-logger:1.11.2 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

No Vulnerabilities Found for quay.io/solo-io/certgen:1.11.2 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

No Vulnerabilities Found for quay.io/solo-io/discovery:1.11.2 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

No Vulnerabilities Found for quay.io/solo-io/gateway:1.11.2 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

No Vulnerabilities Found for quay.io/solo-io/gloo:1.11.2 (alpine 3.15.0)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.11.2 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

No Vulnerabilities Found for quay.io/solo-io/ingress:1.11.2 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

No Vulnerabilities Found for quay.io/solo-io/sds:1.11.2 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.11.1

Gloo access-logger image

No Vulnerabilities Found for quay.io/solo-io/access-logger:1.11.1 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

No Vulnerabilities Found for quay.io/solo-io/certgen:1.11.1 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

No Vulnerabilities Found for quay.io/solo-io/discovery:1.11.1 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

No Vulnerabilities Found for quay.io/solo-io/gateway:1.11.1 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

No Vulnerabilities Found for quay.io/solo-io/gloo:1.11.1 (alpine 3.15.0)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.11.1 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

No Vulnerabilities Found for quay.io/solo-io/ingress:1.11.1 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

No Vulnerabilities Found for quay.io/solo-io/sds:1.11.1 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.11.0

Gloo access-logger image

No Vulnerabilities Found for quay.io/solo-io/access-logger:1.11.0 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

No Vulnerabilities Found for quay.io/solo-io/certgen:1.11.0 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

No Vulnerabilities Found for quay.io/solo-io/discovery:1.11.0 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

No Vulnerabilities Found for quay.io/solo-io/gateway:1.11.0 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

No Vulnerabilities Found for quay.io/solo-io/gloo:1.11.0 (alpine 3.15.0)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.11.0 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

No Vulnerabilities Found for quay.io/solo-io/ingress:1.11.0 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

No Vulnerabilities Found for quay.io/solo-io/sds:1.11.0 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Latest 1.10.x Gloo Open Source Release: 1.10.29

Gloo access-logger image

No Vulnerabilities Found for quay.io/solo-io/access-logger:1.10.29 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/access-logger

Gloo certgen image

No Vulnerabilities Found for quay.io/solo-io/certgen:1.10.29 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/certgen

Gloo discovery image

No Vulnerabilities Found for quay.io/solo-io/discovery:1.10.29 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/discovery

Gloo gateway image

No Vulnerabilities Found for quay.io/solo-io/gateway:1.10.29 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/gateway

Gloo gloo image

No Vulnerabilities Found for quay.io/solo-io/gloo:1.10.29 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo gloo-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.10.29 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

No Vulnerabilities Found for quay.io/solo-io/ingress:1.10.29 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/ingress

Gloo sds image

No Vulnerabilities Found for quay.io/solo-io/sds:1.10.29 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/sds

Release 1.10.28

Gloo access-logger image

No Vulnerabilities Found for quay.io/solo-io/access-logger:1.10.28 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/access-logger

Gloo certgen image

No Vulnerabilities Found for quay.io/solo-io/certgen:1.10.28 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/certgen

Gloo discovery image

No Vulnerabilities Found for quay.io/solo-io/discovery:1.10.28 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/discovery

Gloo gateway image

No Vulnerabilities Found for quay.io/solo-io/gateway:1.10.28 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/gateway

Gloo gloo image

No Vulnerabilities Found for quay.io/solo-io/gloo:1.10.28 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo gloo-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.10.28 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

No Vulnerabilities Found for quay.io/solo-io/ingress:1.10.28 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/ingress

Gloo sds image

No Vulnerabilities Found for quay.io/solo-io/sds:1.10.28 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/sds

Release 1.10.27

Gloo access-logger image

No Vulnerabilities Found for quay.io/solo-io/access-logger:1.10.27 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/access-logger

Gloo certgen image

No Vulnerabilities Found for quay.io/solo-io/certgen:1.10.27 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/certgen

Gloo discovery image

No Vulnerabilities Found for quay.io/solo-io/discovery:1.10.27 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/discovery

Gloo gateway image

No Vulnerabilities Found for quay.io/solo-io/gateway:1.10.27 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/gateway

Gloo gloo image

No Vulnerabilities Found for quay.io/solo-io/gloo:1.10.27 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo gloo-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.10.27 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

No Vulnerabilities Found for quay.io/solo-io/ingress:1.10.27 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/ingress

Gloo sds image

No Vulnerabilities Found for quay.io/solo-io/sds:1.10.27 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/sds

Release 1.10.26

Gloo access-logger image

No Vulnerabilities Found for quay.io/solo-io/access-logger:1.10.26 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/access-logger

Gloo certgen image

No Vulnerabilities Found for quay.io/solo-io/certgen:1.10.26 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/certgen

Gloo discovery image

No Vulnerabilities Found for quay.io/solo-io/discovery:1.10.26 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/discovery

Gloo gateway image

No Vulnerabilities Found for quay.io/solo-io/gateway:1.10.26 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/gateway

Gloo gloo image

No Vulnerabilities Found for quay.io/solo-io/gloo:1.10.26 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo gloo-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.10.26 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

No Vulnerabilities Found for quay.io/solo-io/ingress:1.10.26 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/ingress

Gloo sds image

No Vulnerabilities Found for quay.io/solo-io/sds:1.10.26 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/sds

Release 1.10.25

Gloo access-logger image

No Vulnerabilities Found for quay.io/solo-io/access-logger:1.10.25 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/access-logger

Gloo certgen image

No Vulnerabilities Found for quay.io/solo-io/certgen:1.10.25 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/certgen

Gloo discovery image

No Vulnerabilities Found for quay.io/solo-io/discovery:1.10.25 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/discovery

Gloo gateway image

No Vulnerabilities Found for quay.io/solo-io/gateway:1.10.25 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/gateway

Gloo gloo image

No Vulnerabilities Found for quay.io/solo-io/gloo:1.10.25 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo gloo-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.10.25 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

No Vulnerabilities Found for quay.io/solo-io/ingress:1.10.25 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/ingress

Gloo sds image

No Vulnerabilities Found for quay.io/solo-io/sds:1.10.25 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/sds

Release 1.10.24

Gloo access-logger image

No Vulnerabilities Found for quay.io/solo-io/access-logger:1.10.24 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/access-logger

Gloo certgen image

No Vulnerabilities Found for quay.io/solo-io/certgen:1.10.24 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/certgen

Gloo discovery image

No Vulnerabilities Found for quay.io/solo-io/discovery:1.10.24 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/discovery

Gloo gateway image

No Vulnerabilities Found for quay.io/solo-io/gateway:1.10.24 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/gateway

Gloo gloo image

No Vulnerabilities Found for quay.io/solo-io/gloo:1.10.24 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo gloo-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.10.24 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

No Vulnerabilities Found for quay.io/solo-io/ingress:1.10.24 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/ingress

Gloo sds image

No Vulnerabilities Found for quay.io/solo-io/sds:1.10.24 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/sds

Release 1.10.23

Gloo access-logger image

No scan found

Gloo certgen image

No scan found

Gloo discovery image

No scan found

Gloo gateway image

No scan found

Gloo gloo image

No scan found

Gloo gloo-envoy-wrapper image

No scan found

Gloo ingress image

No scan found

Gloo sds image

No scan found

Release 1.10.22

Gloo access-logger image

No Vulnerabilities Found for quay.io/solo-io/access-logger:1.10.22 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/access-logger

Gloo certgen image

No Vulnerabilities Found for quay.io/solo-io/certgen:1.10.22 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/certgen

Gloo discovery image

No Vulnerabilities Found for quay.io/solo-io/discovery:1.10.22 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/discovery

Gloo gateway image

No Vulnerabilities Found for quay.io/solo-io/gateway:1.10.22 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/gateway

Gloo gloo image

No Vulnerabilities Found for quay.io/solo-io/gloo:1.10.22 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo gloo-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.10.22 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

No Vulnerabilities Found for quay.io/solo-io/ingress:1.10.22 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/ingress

Gloo sds image

No Vulnerabilities Found for quay.io/solo-io/sds:1.10.22 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/sds

Release 1.10.21

Gloo access-logger image

No Vulnerabilities Found for quay.io/solo-io/access-logger:1.10.21 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

No Vulnerabilities Found for quay.io/solo-io/certgen:1.10.21 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

No Vulnerabilities Found for quay.io/solo-io/discovery:1.10.21 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

No Vulnerabilities Found for quay.io/solo-io/gateway:1.10.21 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

No Vulnerabilities Found for quay.io/solo-io/gloo:1.10.21 (alpine 3.15.0)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.10.21 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

No Vulnerabilities Found for quay.io/solo-io/ingress:1.10.21 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

No Vulnerabilities Found for quay.io/solo-io/sds:1.10.21 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.10.20

Gloo access-logger image

No Vulnerabilities Found for quay.io/solo-io/access-logger:1.10.20 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

No Vulnerabilities Found for quay.io/solo-io/certgen:1.10.20 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

No Vulnerabilities Found for quay.io/solo-io/discovery:1.10.20 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

No Vulnerabilities Found for quay.io/solo-io/gateway:1.10.20 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

No Vulnerabilities Found for quay.io/solo-io/gloo:1.10.20 (alpine 3.15.0)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.10.20 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

No Vulnerabilities Found for quay.io/solo-io/ingress:1.10.20 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

No Vulnerabilities Found for quay.io/solo-io/sds:1.10.20 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.10.19

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.10.19 (alpine 3.13.8)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.10.19 (alpine 3.13.8)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.10.19 (alpine 3.13.8)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.10.19 (alpine 3.13.8)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.10.19 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.10.19 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.10.19 (alpine 3.13.8)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.10.19 (alpine 3.13.8)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.10.18

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.10.18 (alpine 3.13.8)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.10.18 (alpine 3.13.8)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.10.18 (alpine 3.13.8)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.10.18 (alpine 3.13.8)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.10.18 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.10.18 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.10.18 (alpine 3.13.8)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.10.18 (alpine 3.13.8)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.10.17

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.10.17 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.10.17 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.10.17 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.10.17 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.10.17 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.10.17 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.10.17 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.10.17 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.10.16

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.10.16 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.10.16 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.10.16 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.10.16 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.10.16 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.10.16 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.10.16 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.10.16 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.10.15

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.10.15 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.10.15 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.10.15 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.10.15 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.10.15 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.10.15 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.10.15 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.10.15 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.10.14

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.10.14 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.10.14 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.10.14 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.10.14 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.10.14 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.10.14 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.10.14 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.10.14 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.10.13

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.10.13 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.10.13 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.10.13 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.10.13 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.10.13 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.10.13 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.10.13 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.10.13 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.10.12

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.10.12 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.10.12 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.10.12 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.10.12 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.10.12 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.10.12 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.10.12 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.10.12 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.10.11

Gloo access-logger image

No scan found

Gloo certgen image

No scan found

Gloo discovery image

No scan found

Gloo gateway image

No scan found

Gloo gloo image

No scan found

Gloo gloo-envoy-wrapper image

No scan found

Gloo ingress image

No scan found

Gloo sds image

No scan found

Release 1.10.10

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.10.10 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.10.10 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.10.10 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.10.10 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.10.10 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.10.10 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.10.10 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.10.10 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.10.9

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.10.9 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.10.9 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.10.9 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.10.9 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.10.9 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.10.9 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.10.9 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.10.9 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.10.8

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.10.8 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.10.8 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.10.8 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.10.8 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.10.8 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.10.8 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.10.8 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.10.8 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.10.7

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.10.7 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.10.7 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.10.7 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.10.7 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.10.7 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.10.7 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.10.7 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.10.7 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.10.6

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.10.6 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.10.6 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.10.6 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.10.6 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.10.6 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.10.6 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.10.6 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.10.6 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.10.5

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.10.5 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.10.5 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.10.5 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.10.5 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.10.5 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r3 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r3 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.10.5 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r3 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r3 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.10.5 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.10.5 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.10.4

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.10.4 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.10.4 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.10.4 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.10.4 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.10.4 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r3 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r3 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.10.4 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r3 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r3 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.10.4 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.10.4 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.10.3

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.10.3 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.10.3 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.10.3 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.10.3 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.10.3 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r3 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r3 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.10.3 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r3 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r3 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.10.3 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.10.3 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.10.2

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.10.2 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.10.2 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.10.2 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.10.2 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.10.2 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r3 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r3 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.10.2 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r3 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r3 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.10.2 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.10.2 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.10.1

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.10.1 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.10.1 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.10.1 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.10.1 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.10.1 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r3 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r3 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.10.1 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r3 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r3 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.10.1 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.10.1 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.10.0

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.10.0 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.10.0 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.10.0 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.10.0 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.10.0 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r3 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r3 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.10.0 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r3 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r3 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.10.0 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.10.0 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.11 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210920023735-84f357641f63 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Latest 1.9.x Gloo Open Source Release: 1.9.18

Gloo access-logger image

No Vulnerabilities Found for quay.io/solo-io/access-logger:1.9.18 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561

Gloo certgen image

No Vulnerabilities Found for quay.io/solo-io/certgen:1.9.18 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561

Gloo discovery image

No Vulnerabilities Found for quay.io/solo-io/discovery:1.9.18 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561

Gloo gateway image

No Vulnerabilities Found for quay.io/solo-io/gateway:1.9.18 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561

Gloo gloo image

No Vulnerabilities Found for quay.io/solo-io/gloo:1.9.18 (alpine 3.15.0)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561

Gloo gloo-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.9.18 (alpine 3.15.0)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561

Gloo ingress image

No Vulnerabilities Found for quay.io/solo-io/ingress:1.9.18 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561

Gloo sds image

No Vulnerabilities Found for quay.io/solo-io/sds:1.9.18 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
Release 1.9.17

Gloo access-logger image

No scan found

Gloo certgen image

No scan found

Gloo discovery image

No scan found

Gloo gateway image

No scan found

Gloo gloo image

No scan found

Gloo gloo-envoy-wrapper image

No scan found

Gloo ingress image

No scan found

Gloo sds image

No scan found

Release 1.9.16

Gloo access-logger image

No Vulnerabilities Found for quay.io/solo-io/access-logger:1.9.16 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/access-logger

Gloo certgen image

No Vulnerabilities Found for quay.io/solo-io/certgen:1.9.16 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/certgen

Gloo discovery image

No Vulnerabilities Found for quay.io/solo-io/discovery:1.9.16 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/discovery

Gloo gateway image

No Vulnerabilities Found for quay.io/solo-io/gateway:1.9.16 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/gateway

Gloo gloo image

No Vulnerabilities Found for quay.io/solo-io/gloo:1.9.16 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo gloo-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.9.16 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

No Vulnerabilities Found for quay.io/solo-io/ingress:1.9.16 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/ingress

Gloo sds image

No Vulnerabilities Found for quay.io/solo-io/sds:1.9.16 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/sds

Release 1.9.15

Gloo access-logger image

No Vulnerabilities Found for quay.io/solo-io/access-logger:1.9.15 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/access-logger

Gloo certgen image

No Vulnerabilities Found for quay.io/solo-io/certgen:1.9.15 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/certgen

Gloo discovery image

No Vulnerabilities Found for quay.io/solo-io/discovery:1.9.15 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/discovery

Gloo gateway image

No Vulnerabilities Found for quay.io/solo-io/gateway:1.9.15 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/gateway

Gloo gloo image

No Vulnerabilities Found for quay.io/solo-io/gloo:1.9.15 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo gloo-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.9.15 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

No Vulnerabilities Found for quay.io/solo-io/ingress:1.9.15 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/ingress

Gloo sds image

No Vulnerabilities Found for quay.io/solo-io/sds:1.9.15 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/sds

Release 1.9.14

Gloo access-logger image

No Vulnerabilities Found for quay.io/solo-io/access-logger:1.9.14 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

No Vulnerabilities Found for quay.io/solo-io/certgen:1.9.14 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

No Vulnerabilities Found for quay.io/solo-io/discovery:1.9.14 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

No Vulnerabilities Found for quay.io/solo-io/gateway:1.9.14 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

No Vulnerabilities Found for quay.io/solo-io/gloo:1.9.14 (alpine 3.15.0)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.9.14 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

No Vulnerabilities Found for quay.io/solo-io/ingress:1.9.14 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

No Vulnerabilities Found for quay.io/solo-io/sds:1.9.14 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.9.13

Gloo access-logger image

No Vulnerabilities Found for quay.io/solo-io/access-logger:1.9.13 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

No Vulnerabilities Found for quay.io/solo-io/certgen:1.9.13 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

No Vulnerabilities Found for quay.io/solo-io/discovery:1.9.13 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

No Vulnerabilities Found for quay.io/solo-io/gateway:1.9.13 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

No Vulnerabilities Found for quay.io/solo-io/gloo:1.9.13 (alpine 3.15.0)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.9.13 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

No Vulnerabilities Found for quay.io/solo-io/ingress:1.9.13 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

No Vulnerabilities Found for quay.io/solo-io/sds:1.9.13 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.9.12

Gloo access-logger image

No Vulnerabilities Found for quay.io/solo-io/access-logger:1.9.12 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

No Vulnerabilities Found for quay.io/solo-io/certgen:1.9.12 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

No Vulnerabilities Found for quay.io/solo-io/discovery:1.9.12 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

No Vulnerabilities Found for quay.io/solo-io/gateway:1.9.12 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

No Vulnerabilities Found for quay.io/solo-io/gloo:1.9.12 (alpine 3.15.0)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.9.12 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

No Vulnerabilities Found for quay.io/solo-io/ingress:1.9.12 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

No Vulnerabilities Found for quay.io/solo-io/sds:1.9.12 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.9.11

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.9.11 (alpine 3.13.8)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.9.11 (alpine 3.13.8)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.9.11 (alpine 3.13.8)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.9.11 (alpine 3.13.8)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.9.11 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.9.11 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.9.11 (alpine 3.13.8)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.9.11 (alpine 3.13.8)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.9.10

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.9.10 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.9.10 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.9.10 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.9.10 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.9.10 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.9.10 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.9.10 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.9.10 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.9.9

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.9.9 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.9.9 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.9.9 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.9.9 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.9.9 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.9.9 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.9.9 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.9.9 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.9.8

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.9.8 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.9.8 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.9.8 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.9.8 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.9.8 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.9.8 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.9.8 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.9.8 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.9.7

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.9.7 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.9.7 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.9.7 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.9.7 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.9.7 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.9.7 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.9.7 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.9.7 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.9.6

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.9.6 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.9.6 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.9.6 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.9.6 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.9.6 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.9.6 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.9.6 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.9.6 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.9.5

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.9.5 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.9.5 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.9.5 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.9.5 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.9.5 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.9.5 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.9.5 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.9.5 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.9.4

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.9.4 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.9.4 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.9.4 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.9.4 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.9.4 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.9.4 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.9.4 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.9.4 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.9.3

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.9.3 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.9.3 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.9.3 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.9.3 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.9.3 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.9.3 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.9.3 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.9.3 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.9.2

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.9.2 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.9.2 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.9.2 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.9.2 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.9.2 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.9.2 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.9.2 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.9.2 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.9.1

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.9.1 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.9.1 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.9.1 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.9.1 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.9.1 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.9.1 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.9.1 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.9.1 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.9.0

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.9.0 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.9.0 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.9.0 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.9.0 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.9.0 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.9.0 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.9.0 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.9.0 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Latest 1.8.x Gloo Open Source Release: 1.8.34

Gloo access-logger image

No Vulnerabilities Found for quay.io/solo-io/access-logger:1.8.34 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-38561 golang.org/x/text HIGH v0.3.5 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561

Gloo certgen image

No Vulnerabilities Found for quay.io/solo-io/certgen:1.8.34 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-38561 golang.org/x/text HIGH v0.3.5 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561

Gloo discovery image

No Vulnerabilities Found for quay.io/solo-io/discovery:1.8.34 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-38561 golang.org/x/text HIGH v0.3.5 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561

Gloo gateway image

No Vulnerabilities Found for quay.io/solo-io/gateway:1.8.34 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-38561 golang.org/x/text HIGH v0.3.5 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561

Gloo gloo image

No Vulnerabilities Found for quay.io/solo-io/gloo:1.8.34 (alpine 3.15.0)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-38561 golang.org/x/text HIGH v0.3.5 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561

Gloo gloo-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.8.34 (alpine 3.15.0)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-38561 golang.org/x/text HIGH v0.3.5 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561

Gloo ingress image

No Vulnerabilities Found for quay.io/solo-io/ingress:1.8.34 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-38561 golang.org/x/text HIGH v0.3.5 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561

Gloo sds image

No Vulnerabilities Found for quay.io/solo-io/sds:1.8.34 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-38561 golang.org/x/text HIGH v0.3.5 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
Release 1.8.33

Gloo access-logger image

No scan found

Gloo certgen image

No scan found

Gloo discovery image

No scan found

Gloo gateway image

No scan found

Gloo gloo image

No scan found

Gloo gloo-envoy-wrapper image

No scan found

Gloo ingress image

No scan found

Gloo sds image

No scan found

Release 1.8.32

Gloo access-logger image

No scan found

Gloo certgen image

No scan found

Gloo discovery image

No scan found

Gloo gateway image

No scan found

Gloo gloo image

No scan found

Gloo gloo-envoy-wrapper image

No scan found

Gloo ingress image

No scan found

Gloo sds image

No scan found

Release 1.8.31

Gloo access-logger image

No scan found

Gloo certgen image

No scan found

Gloo discovery image

No scan found

Gloo gateway image

No scan found

Gloo gloo image

No scan found

Gloo gloo-envoy-wrapper image

No scan found

Gloo ingress image

No scan found

Gloo sds image

No scan found

Release 1.8.30

Gloo access-logger image

No Vulnerabilities Found for quay.io/solo-io/access-logger:1.8.30 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-38561 golang.org/x/text HIGH v0.3.5 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561

Gloo certgen image

No Vulnerabilities Found for quay.io/solo-io/certgen:1.8.30 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-38561 golang.org/x/text HIGH v0.3.5 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561

Gloo discovery image

No Vulnerabilities Found for quay.io/solo-io/discovery:1.8.30 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-38561 golang.org/x/text HIGH v0.3.5 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561

Gloo gateway image

No Vulnerabilities Found for quay.io/solo-io/gateway:1.8.30 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-38561 golang.org/x/text HIGH v0.3.5 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561

Gloo gloo image

No Vulnerabilities Found for quay.io/solo-io/gloo:1.8.30 (alpine 3.15.0)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-38561 golang.org/x/text HIGH v0.3.5 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561

Gloo gloo-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.8.30 (alpine 3.15.0)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-38561 golang.org/x/text HIGH v0.3.5 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561

Gloo ingress image

No Vulnerabilities Found for quay.io/solo-io/ingress:1.8.30 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-38561 golang.org/x/text HIGH v0.3.5 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561

Gloo sds image

No Vulnerabilities Found for quay.io/solo-io/sds:1.8.30 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-38561 golang.org/x/text HIGH v0.3.5 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
Release 1.8.29

Gloo access-logger image

No Vulnerabilities Found for quay.io/solo-io/access-logger:1.8.29 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/access-logger

Gloo certgen image

No Vulnerabilities Found for quay.io/solo-io/certgen:1.8.29 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/certgen

Gloo discovery image

No Vulnerabilities Found for quay.io/solo-io/discovery:1.8.29 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/discovery

Gloo gateway image

No Vulnerabilities Found for quay.io/solo-io/gateway:1.8.29 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/gateway

Gloo gloo image

No Vulnerabilities Found for quay.io/solo-io/gloo:1.8.29 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo gloo-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.8.29 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

No Vulnerabilities Found for quay.io/solo-io/ingress:1.8.29 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/ingress

Gloo sds image

No Vulnerabilities Found for quay.io/solo-io/sds:1.8.29 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/sds

Release 1.8.28

Gloo access-logger image

No Vulnerabilities Found for quay.io/solo-io/access-logger:1.8.28 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/access-logger

Gloo certgen image

No Vulnerabilities Found for quay.io/solo-io/certgen:1.8.28 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/certgen

Gloo discovery image

No Vulnerabilities Found for quay.io/solo-io/discovery:1.8.28 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/discovery

Gloo gateway image

No Vulnerabilities Found for quay.io/solo-io/gateway:1.8.28 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/gateway

Gloo gloo image

No Vulnerabilities Found for quay.io/solo-io/gloo:1.8.28 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo gloo-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.8.28 (alpine 3.15.0)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

No Vulnerabilities Found for quay.io/solo-io/ingress:1.8.28 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/ingress

Gloo sds image

No Vulnerabilities Found for quay.io/solo-io/sds:1.8.28 (alpine 3.13.8)

No Vulnerabilities Found for usr/local/bin/sds

Release 1.8.27

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.8.27 (alpine 3.13.8)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.8.27 (alpine 3.13.8)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.8.27 (alpine 3.13.8)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.8.27 (alpine 3.13.8)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.8.27 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.8.27 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.8.27 (alpine 3.13.8)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.8.27 (alpine 3.13.8)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.8.26

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.8.26 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.8.26 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.8.26 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.8.26 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.8.26 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.8.26 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.8.26 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.8.26 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.8.25

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.8.25 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.8.25 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.8.25 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.8.25 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.8.25 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.8.25 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.8.25 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.8.25 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.8.24

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.8.24 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.8.24 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.8.24 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.8.24 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.8.24 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.8.24 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.8.24 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.8.24 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.8.23

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.8.23 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.8.23 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.8.23 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.8.23 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.8.23 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.8.23 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.8.23 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.8.23 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.8.22

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.8.22 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.8.22 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.8.22 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.8.22 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.8.22 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.8.22 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.8.22 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.8.22 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.8.21

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.8.21 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.8.21 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.8.21 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.8.21 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.8.21 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.8.21 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.8.21 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.8.21 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.8.20

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.8.20 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.8.20 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.8.20 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.8.20 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.8.20 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.8.20 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.8.20 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.8.20 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.8.19

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.8.19 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.8.19 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.8.19 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.8.19 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.8.19 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.8.19 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.8.19 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo sds image

Vulnerabilities Listed for quay.io/solo-io/sds:1.8.19 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
Release 1.8.18

Gloo access-logger image

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.8.18 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo certgen image

Vulnerabilities Listed for quay.io/solo-io/certgen:1.8.18 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo discovery image

Vulnerabilities Listed for quay.io/solo-io/discovery:1.8.18 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gateway image

Vulnerabilities Listed for quay.io/solo-io/gateway:1.8.18 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo image

Vulnerabilities Listed for quay.io/solo-io/gloo:1.8.18 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo gloo-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.8.18 (alpine 3.14.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo ingress image

Vulnerabilities Listed for quay.io/solo-io/ingress:1.8.18 (alpine 3.13.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2