Gloo Edge Enterprise results

Gloo container images are scanned using Trivy for HIGH and CRITICAL vulnerabilities. To learn more about how Solo.io detects, tracks, and remediates CVEs, see CVE lifecycle handling.

Latest 1.16.x Gloo Enterprise Release: 1.16.10

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.10 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.10 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.10 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.10 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.10 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.10 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.10 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.10 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.16.10 (alpine 3.18.6)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.10 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.16.9

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.9 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.9 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.9 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.9 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.9 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.9 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.9 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.9 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.16.9 (alpine 3.18.6)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.9 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.16.8

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.8 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.8 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.8 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.8 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.8 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.8 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.8 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.8 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.16.8 (alpine 3.18.6)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.8 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.16.7

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.7 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.7 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.7 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.7 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.7 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.7 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.7 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.7 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.16.7 (alpine 3.18.6)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.7 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.16.6

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.6 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.6 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.6 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.6 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.6 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.6 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.6 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.6 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.16.6 (alpine 3.18.6)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.6 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.16.5

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.5 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.5 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.5 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.5 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.5 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.5 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.5 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.5 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.16.5 (alpine 3.18.6)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.5 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.16.4

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.4 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.4 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.4 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.4 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.4 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.4 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.4 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.4 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.4 (alpine 3.18.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-28757 libexpat HIGH 2.6.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.4 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.16.3

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.3 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.3 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.3 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.3 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.3 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.3 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.3 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.3 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.3 (alpine 3.18.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-28757 libexpat HIGH 2.6.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.3 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.16.2

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.2 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.2 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.2 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.2 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.2 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.2 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.2 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.2 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.2 (alpine 3.18.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-28757 libexpat HIGH 2.6.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.2 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.16.1

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.1 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.1 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.1 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.1 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.1 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.1 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.1 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.1 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.1 (alpine 3.18.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-52425 libexpat HIGH 2.5.0-r1 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r1 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2024-25062 libxml2 HIGH 2.11.6-r0 2.11.7-r0 https://avd.aquasec.com/nvd/cve-2024-25062

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.1 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.16.0

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.0 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.0 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.0 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.0 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.0 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.0 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.0 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.0 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.0 (alpine 3.18.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-52425 libexpat HIGH 2.5.0-r1 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r1 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2024-25062 libxml2 HIGH 2.11.6-r0 2.11.7-r0 https://avd.aquasec.com/nvd/cve-2024-25062

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.0 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Latest 1.15.x Gloo Enterprise Release: 1.15.18

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.18 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.18 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.18 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.18 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.18 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.18 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.18 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.18 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.15.18 (alpine 3.18.6)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.18 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.15.17

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.17 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.17 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.17 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.17 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.17 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.17 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.17 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.17 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.15.17 (alpine 3.18.6)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.17 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.15.16

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.16 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.16 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.16 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.16 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.16 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.16 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.16 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.16 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.15.16 (alpine 3.18.6)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.16 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.15.15

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.15 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.15 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.15 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.15 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.15 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.15 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.15 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.15 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.15.15 (alpine 3.18.6)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.15 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.15.14

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.14 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.14 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.14 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.14 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.14 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.14 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.14 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.14 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.14 (alpine 3.18.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-28757 libexpat HIGH 2.6.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.14 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.15.13

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.13 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.13 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.13 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.13 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.13 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.13 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.13 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.13 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.13 (alpine 3.18.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-28757 libexpat HIGH 2.6.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.13 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.15.12

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.12 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.12 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.12 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.12 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.12 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.12 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.12 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.12 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.12 (alpine 3.18.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-52425 libexpat HIGH 2.5.0-r1 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r1 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2024-25062 libxml2 HIGH 2.11.6-r0 2.11.7-r0 https://avd.aquasec.com/nvd/cve-2024-25062

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.12 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.15.11

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.11 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.11 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.11 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.11 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.11 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.11 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.11 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.11 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.11 (alpine 3.18.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-52425 libexpat HIGH 2.5.0-r1 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r1 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2024-25062 libxml2 HIGH 2.11.6-r0 2.11.7-r0 https://avd.aquasec.com/nvd/cve-2024-25062

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.11 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.15.10

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.10 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.10 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.10 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.10 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.10 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.10 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.10 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.10 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.10 (alpine 3.18.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-52425 libexpat HIGH 2.5.0-r1 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r1 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2024-25062 libxml2 HIGH 2.11.6-r0 2.11.7-r0 https://avd.aquasec.com/nvd/cve-2024-25062

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.10 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.15.9

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.9 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.9 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.9 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.9 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.9 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.9 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.9 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.9 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.9 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.9 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.15.8

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.8 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.8 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.8 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.8 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.8 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.8 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.8 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.8 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.8 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.8 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.15.7

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.7 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.7 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.7 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.7 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.7 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.7 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.7 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.7 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.7 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.7 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.15.6

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.15.6 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.6 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.6 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.15.6 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.15.6 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.15.6 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.6 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.6 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.6 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-43787 libx11 HIGH 1.8.4-r1 1.8.7-r0 https://avd.aquasec.com/nvd/cve-2023-43787

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.6 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
Release 1.15.5

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.5 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.5 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.5 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.5 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.5 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.5 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.5 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.5 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.15.5 (alpine 3.17.3)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.5 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.15.4

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.15.4 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.4 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.4 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.15.4 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.15.4 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.15.4 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.4 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.4 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.4 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-38545 curl CRITICAL 8.3.0-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.3.0-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-43787 libx11 HIGH 1.8.4-r1 1.8.7-r0 https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r1 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.4 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
Release 1.15.3

Gloo Enterprise rate-limit-ee image

No scan found

Gloo Enterprise gloo-ee image

No scan found

Gloo Enterprise gloo-ee-envoy-wrapper image

No scan found

Gloo Enterprise observability-ee image

No scan found

Gloo Enterprise extauth-ee image

No scan found

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No scan found

Gloo Enterprise gloo-fed-apiserver image

No scan found

Gloo Enterprise gloo-fed-apiserver-envoy image

No scan found

Gloo Enterprise gloo-federation-console image

No scan found

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No scan found

Release 1.15.2

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.15.2 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.15.2 (alpine 3.17.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.2 (alpine 3.17.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.2.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 libcurl HIGH 8.2.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r1 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.15.2 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.15.2 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.15.2 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.15.2 (alpine 3.17.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.2 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.2 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-38545 curl CRITICAL 8.2.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 curl HIGH 8.2.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.2.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 libcurl HIGH 8.2.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-4863 libwebp HIGH 1.2.4-r2 1.2.4-r3 https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2023-43787 libx11 HIGH 1.8.4-r1 1.8.7-r0 https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r1 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.2 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
Release 1.15.1

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.15.1 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.15.1 (alpine 3.17.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.1 (alpine 3.17.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.2.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 libcurl HIGH 8.2.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r1 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.15.1 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.15.1 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.15.1 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.15.1 (alpine 3.17.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.1 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.1 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-38545 curl CRITICAL 8.2.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 curl HIGH 8.2.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.2.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 libcurl HIGH 8.2.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-4863 libwebp HIGH 1.2.4-r2 1.2.4-r3 https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2023-43787 libx11 HIGH 1.8.4-r1 1.8.7-r0 https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r1 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.1 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
Release 1.15.0

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.15.0 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.15.0 (alpine 3.17.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.0 (alpine 3.17.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.2.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 libcurl HIGH 8.2.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r1 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.15.0 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.15.0 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.15.0 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.15.0 (alpine 3.17.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.0 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.0 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-38545 curl CRITICAL 8.2.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 curl HIGH 8.2.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.2.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 libcurl HIGH 8.2.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-4863 libwebp HIGH 1.2.4-r2 1.2.4-r3 https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2023-43787 libx11 HIGH 1.8.4-r1 1.8.7-r0 https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r1 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.0 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Latest 1.14.x Gloo Enterprise Release: 1.14.19

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.14.19 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.14.19 (alpine 3.17.5)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.19 (alpine 3.17.5)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.14.19 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.14.19 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.14.19 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.14.19 (alpine 3.17.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.19 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.14.19 (alpine 3.18.6)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.19 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.14.18

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.14.18 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.14.18 (alpine 3.17.5)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.18 (alpine 3.17.5)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.14.18 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.14.18 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.14.18 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.14.18 (alpine 3.17.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.18 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.14.18 (alpine 3.18.6)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.18 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.14.17

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.14.17 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.14.17 (alpine 3.17.5)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.17 (alpine 3.17.5)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.14.17 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.14.17 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.14.17 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.14.17 (alpine 3.17.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.17 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.14.17 (alpine 3.18.6)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.17 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.14.16

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.14.16 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.14.16 (alpine 3.17.5)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.16 (alpine 3.17.5)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.14.16 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.14.16 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.14.16 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.14.16 (alpine 3.17.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.16 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.14.16 (alpine 3.18.6)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.16 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.14.15

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.14.15 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.14.15 (alpine 3.17.5)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.15 (alpine 3.17.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-28757 libexpat HIGH 2.6.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.14.15 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.14.15 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.14.15 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.14.15 (alpine 3.17.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.15 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.14.15 (alpine 3.18.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-28757 libexpat HIGH 2.6.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.15 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.14.14

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.14.14 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.14.14 (alpine 3.17.5)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.14 (alpine 3.17.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.14.14 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.14.14 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.14.14 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.14.14 (alpine 3.17.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.14 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.14.14 (alpine 3.18.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-52425 libexpat HIGH 2.5.0-r1 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r1 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2024-25062 libxml2 HIGH 2.11.6-r0 2.11.7-r0 https://avd.aquasec.com/nvd/cve-2024-25062

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.14 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.14.13

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.14.13 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.14.13 (alpine 3.17.5)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.13 (alpine 3.17.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.14.13 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.14.13 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.14.13 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.14.13 (alpine 3.17.5)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.13 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.14.13 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.13 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.14.12

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.14.12 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.14.12 (alpine 3.17.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.12 (alpine 3.17.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.14.12 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.14.12 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.14.12 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.14.12 (alpine 3.17.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.12 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.14.12 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-43787 libx11 HIGH 1.8.4-r1 1.8.7-r0 https://avd.aquasec.com/nvd/cve-2023-43787

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.12 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
Release 1.14.11

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.14.11 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.14.11 (alpine 3.17.5)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.11 (alpine 3.17.5)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.14.11 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.14.11 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.14.11 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.14.11 (alpine 3.17.5)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.11 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.14.11 (alpine 3.17.3)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.11 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.14.10

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.14.10 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.14.10 (alpine 3.17.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.10 (alpine 3.17.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.3.0-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r1 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.14.10 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.14.10 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.14.10 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.14.10 (alpine 3.17.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.10 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.14.10 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-38545 curl CRITICAL 8.3.0-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.3.0-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-43787 libx11 HIGH 1.8.4-r1 1.8.7-r0 https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r1 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.10 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
Release 1.14.9

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.14.9 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.14.9 (alpine 3.17.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.9 (alpine 3.17.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.2.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 libcurl HIGH 8.2.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r1 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.14.9 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.14.9 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.14.9 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.14.9 (alpine 3.17.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.9 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.14.9 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-38545 curl CRITICAL 8.2.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 curl HIGH 8.2.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.2.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 libcurl HIGH 8.2.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-4863 libwebp HIGH 1.2.4-r2 1.2.4-r3 https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2023-43787 libx11 HIGH 1.8.4-r1 1.8.7-r0 https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r1 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.9 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
Release 1.14.8

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.14.8 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.14.8 (alpine 3.17.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.8 (alpine 3.17.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.2.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 libcurl HIGH 8.2.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r1 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.14.8 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.14.8 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.14.8 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.14.8 (alpine 3.17.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.8 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.14.8 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-38545 curl CRITICAL 8.2.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 curl HIGH 8.2.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.2.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 libcurl HIGH 8.2.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-4863 libwebp HIGH 1.2.4-r2 1.2.4-r3 https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2023-43787 libx11 HIGH 1.8.4-r1 1.8.7-r0 https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r1 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.8 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
Release 1.14.7

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.14.7 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.14.7 (alpine 3.17.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.7 (alpine 3.17.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.1.2-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 libcurl HIGH 8.1.2-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-35945 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r1 https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.14.7 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.14.7 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.14.7 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.14.7 (alpine 3.17.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.7 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.14.7 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-38545 curl CRITICAL 8.1.2-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 curl HIGH 8.1.2-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.1.2-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 libcurl HIGH 8.1.2-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-4863 libwebp HIGH 1.2.4-r2 1.2.4-r3 https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2023-43787 libx11 HIGH 1.8.4-r1 1.8.7-r0 https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-35945 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r1 https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.7 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
Release 1.14.6

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.14.6 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.14.6 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.6 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.1.2-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 libcurl HIGH 8.1.2-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-35945 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r1 https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.14.6 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.14.6 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.14.6 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.14.6 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.6 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.14.6 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-38545 curl CRITICAL 8.1.2-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 curl HIGH 8.1.2-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.1.2-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 libcurl HIGH 8.1.2-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-4863 libwebp HIGH 1.2.4-r2 1.2.4-r3 https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2023-43787 libx11 HIGH 1.8.4-r1 1.8.7-r0 https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-35945 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r1 https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.6 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
Release 1.14.5

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.14.5 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.14.5 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.5 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.1.2-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 libcurl HIGH 8.1.2-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-35945 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r1 https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.14.5 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.14.5 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.14.5 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.14.5 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.5 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.14.5 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-38545 curl CRITICAL 8.1.2-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 curl HIGH 8.1.2-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.1.2-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 libcurl HIGH 8.1.2-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-4863 libwebp HIGH 1.2.4-r2 1.2.4-r3 https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2023-3138 libx11 HIGH 1.8.4-r0 1.8.4-r1 https://avd.aquasec.com/nvd/cve-2023-3138
CVE-2023-43787 libx11 HIGH 1.8.4-r0 1.8.7-r0 https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-35945 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r1 https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.5 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
Release 1.14.4

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.14.4 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.14.4 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.4 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.1.2-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 libcurl HIGH 8.1.2-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-35945 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r1 https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.14.4 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.14.4 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.14.4 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.14.4 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.4 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.14.4 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-38545 curl CRITICAL 8.1.2-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 curl HIGH 8.1.2-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.1.2-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 libcurl HIGH 8.1.2-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-4863 libwebp HIGH 1.2.4-r2 1.2.4-r3 https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2023-3138 libx11 HIGH 1.8.4-r0 1.8.4-r1 https://avd.aquasec.com/nvd/cve-2023-3138
CVE-2023-43787 libx11 HIGH 1.8.4-r0 1.8.7-r0 https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-35945 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r1 https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.4 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
Release 1.14.3

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.14.3 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.14.3 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-2253 github.com/docker/distribution HIGH v2.8.1+incompatible 2.8.2-beta.1 https://avd.aquasec.com/nvd/cve-2023-2253

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.3 (alpine 3.17.3)

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.14.3 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.14.3 (alpine 3.17.3)

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.14.3 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-2253 github.com/docker/distribution HIGH v2.8.1+incompatible 2.8.2-beta.1 https://avd.aquasec.com/nvd/cve-2023-2253

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.14.3 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-2253 github.com/docker/distribution HIGH v2.8.1+incompatible 2.8.2-beta.1 https://avd.aquasec.com/nvd/cve-2023-2253

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.3 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.14.3 (alpine 3.17.3)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.3 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.14.2

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.14.2 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.14.2 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-2253 github.com/docker/distribution HIGH v2.8.1+incompatible 2.8.2-beta.1 https://avd.aquasec.com/nvd/cve-2023-2253

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.2 (alpine 3.17.3)

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.14.2 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.14.2 (alpine 3.17.3)

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.14.2 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-2253 github.com/docker/distribution HIGH v2.8.1+incompatible 2.8.2-beta.1 https://avd.aquasec.com/nvd/cve-2023-2253

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.14.2 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-2253 github.com/docker/distribution HIGH v2.8.1+incompatible 2.8.2-beta.1 https://avd.aquasec.com/nvd/cve-2023-2253

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.2 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.14.2 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-1999 libwebp HIGH 1.2.4-r1 1.2.4-r2 https://avd.aquasec.com/nvd/cve-2023-1999
CVE-2023-29491 ncurses-libs HIGH 6.3_p20221119-r0 6.3_p20221119-r1 https://avd.aquasec.com/nvd/cve-2023-29491
CVE-2023-29491 ncurses-terminfo-base HIGH 6.3_p20221119-r0 6.3_p20221119-r1 https://avd.aquasec.com/nvd/cve-2023-29491

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.2 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.14.1

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.14.1 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.14.1 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.1 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.0.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-28319 libcurl HIGH 8.0.1-r0 8.1.0-r0 https://avd.aquasec.com/nvd/cve-2023-28319
CVE-2023-38039 libcurl HIGH 8.0.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-35945 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r1 https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.14.1 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.14.1 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.14.1 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.14.1 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.1 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.14.1 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-38545 curl CRITICAL 8.0.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-28319 curl HIGH 8.0.1-r0 8.1.0-r0 https://avd.aquasec.com/nvd/cve-2023-28319
CVE-2023-38039 curl HIGH 8.0.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.0.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-28319 libcurl HIGH 8.0.1-r0 8.1.0-r0 https://avd.aquasec.com/nvd/cve-2023-28319
CVE-2023-38039 libcurl HIGH 8.0.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-1999 libwebp HIGH 1.2.4-r1 1.2.4-r2 https://avd.aquasec.com/nvd/cve-2023-1999
CVE-2023-4863 libwebp HIGH 1.2.4-r1 1.2.4-r3 https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2023-3138 libx11 HIGH 1.8.4-r0 1.8.4-r1 https://avd.aquasec.com/nvd/cve-2023-3138
CVE-2023-43787 libx11 HIGH 1.8.4-r0 1.8.7-r0 https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-29491 ncurses-libs HIGH 6.3_p20221119-r0 6.3_p20221119-r1 https://avd.aquasec.com/nvd/cve-2023-29491
CVE-2023-29491 ncurses-terminfo-base HIGH 6.3_p20221119-r0 6.3_p20221119-r1 https://avd.aquasec.com/nvd/cve-2023-29491
CVE-2023-35945 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r1 https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.1 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
Release 1.14.0

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.14.0 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.14.0 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.14.0 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.0.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-28319 libcurl HIGH 8.0.1-r0 8.1.0-r0 https://avd.aquasec.com/nvd/cve-2023-28319
CVE-2023-38039 libcurl HIGH 8.0.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-35945 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r1 https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.14.0 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.14.0 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.14.0 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.14.0 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.14.0 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.14.0 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-38545 curl CRITICAL 8.0.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-28319 curl HIGH 8.0.1-r0 8.1.0-r0 https://avd.aquasec.com/nvd/cve-2023-28319
CVE-2023-38039 curl HIGH 8.0.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.0.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-28319 libcurl HIGH 8.0.1-r0 8.1.0-r0 https://avd.aquasec.com/nvd/cve-2023-28319
CVE-2023-38039 libcurl HIGH 8.0.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-1999 libwebp HIGH 1.2.4-r1 1.2.4-r2 https://avd.aquasec.com/nvd/cve-2023-1999
CVE-2023-4863 libwebp HIGH 1.2.4-r1 1.2.4-r3 https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2023-3138 libx11 HIGH 1.8.4-r0 1.8.4-r1 https://avd.aquasec.com/nvd/cve-2023-3138
CVE-2023-43787 libx11 HIGH 1.8.4-r0 1.8.7-r0 https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-29491 ncurses-libs HIGH 6.3_p20221119-r0 6.3_p20221119-r1 https://avd.aquasec.com/nvd/cve-2023-29491
CVE-2023-29491 ncurses-terminfo-base HIGH 6.3_p20221119-r0 6.3_p20221119-r1 https://avd.aquasec.com/nvd/cve-2023-29491
CVE-2023-35945 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r1 https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.14.0 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.52.0 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2023-24534 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.20.1 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.20.1 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.20.1 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403

Latest 1.13.x Gloo Enterprise Release: 1.13.34

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.13.34 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.13.34 (alpine 3.17.5)

Vulnerabilities Listed for Node.js

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-4068 braces HIGH 3.0.2 3.0.3 https://avd.aquasec.com/nvd/cve-2024-4068
CVE-2024-29415 ip HIGH 2.0.0 https://avd.aquasec.com/nvd/cve-2024-29415

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.13.34 (alpine 3.17.5)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.13.34 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.13.34 (alpine 3.17.6)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.13.34 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.13.34 (alpine 3.18.3)

Vulnerabilities Listed for Node.js

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-4068 braces HIGH 3.0.2 3.0.3 https://avd.aquasec.com/nvd/cve-2024-4068
CVE-2024-29415 ip HIGH 2.0.0 https://avd.aquasec.com/nvd/cve-2024-29415

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.13.34 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.13.34 (alpine 3.17.3)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.13.34 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.13.33

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.13.33 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.13.33 (alpine 3.17.5)

Vulnerabilities Listed for Node.js

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-4068 braces HIGH 3.0.2 3.0.3 https://avd.aquasec.com/nvd/cve-2024-4068
CVE-2024-29415 ip HIGH 2.0.0 https://avd.aquasec.com/nvd/cve-2024-29415

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.13.33 (alpine 3.17.5)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.13.33 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.13.33 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.13.33 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.13.33 (alpine 3.18.3)

Vulnerabilities Listed for Node.js

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-4068 braces HIGH 3.0.2 3.0.3 https://avd.aquasec.com/nvd/cve-2024-4068
CVE-2024-29415 ip HIGH 2.0.0 https://avd.aquasec.com/nvd/cve-2024-29415

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.13.33 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.13.33 (alpine 3.17.3)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.13.33 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.13.32

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.13.32 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.13.32 (alpine 3.17.5)

Vulnerabilities Listed for Node.js

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-4068 braces HIGH 3.0.2 3.0.3 https://avd.aquasec.com/nvd/cve-2024-4068
CVE-2024-29415 ip HIGH 2.0.0 https://avd.aquasec.com/nvd/cve-2024-29415

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.13.32 (alpine 3.17.5)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.13.32 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.13.32 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.13.32 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.13.32 (alpine 3.18.3)

Vulnerabilities Listed for Node.js

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-4068 braces HIGH 3.0.2 3.0.3 https://avd.aquasec.com/nvd/cve-2024-4068
CVE-2024-29415 ip HIGH 2.0.0 https://avd.aquasec.com/nvd/cve-2024-29415

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.13.32 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.13.32 (alpine 3.17.3)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.13.32 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.13.31

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.13.31 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.13.31 (alpine 3.17.5)

Vulnerabilities Listed for Node.js

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-4068 braces HIGH 3.0.2 3.0.3 https://avd.aquasec.com/nvd/cve-2024-4068
CVE-2024-29415 ip HIGH 2.0.0 https://avd.aquasec.com/nvd/cve-2024-29415

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.13.31 (alpine 3.17.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-28757 libexpat HIGH 2.6.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.13.31 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.13.31 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.13.31 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.13.31 (alpine 3.18.3)

Vulnerabilities Listed for Node.js

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-4068 braces HIGH 3.0.2 3.0.3 https://avd.aquasec.com/nvd/cve-2024-4068
CVE-2024-29415 ip HIGH 2.0.0 https://avd.aquasec.com/nvd/cve-2024-29415

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.13.31 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.13.31 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-28757 libexpat HIGH 2.6.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.13.31 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.13.30

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.13.30 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.13.30 (alpine 3.17.5)

Vulnerabilities Listed for Node.js

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-4068 braces HIGH 3.0.2 3.0.3 https://avd.aquasec.com/nvd/cve-2024-4068
CVE-2024-29415 ip HIGH 2.0.0 https://avd.aquasec.com/nvd/cve-2024-29415

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.13.30 (alpine 3.17.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.13.30 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.13.30 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.13.30 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.13.30 (alpine 3.18.3)

Vulnerabilities Listed for Node.js

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-4068 braces HIGH 3.0.2 3.0.3 https://avd.aquasec.com/nvd/cve-2024-4068
CVE-2024-29415 ip HIGH 2.0.0 https://avd.aquasec.com/nvd/cve-2024-29415

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.13.30 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.13.30 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.13.30 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.13.29

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.13.29 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.13.29 (alpine 3.17.5)

Vulnerabilities Listed for Node.js

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-4068 braces HIGH 3.0.2 3.0.3 https://avd.aquasec.com/nvd/cve-2024-4068
CVE-2024-29415 ip HIGH 2.0.0 https://avd.aquasec.com/nvd/cve-2024-29415

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.13.29 (alpine 3.17.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.13.29 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.13.29 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.13.29 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.13.29 (alpine 3.18.3)

Vulnerabilities Listed for Node.js

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-4068 braces HIGH 3.0.2 3.0.3 https://avd.aquasec.com/nvd/cve-2024-4068
CVE-2024-29415 ip HIGH 2.0.0 https://avd.aquasec.com/nvd/cve-2024-29415

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.13.29 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.13.29 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.13.29 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
Release 1.13.28

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.13.28 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.13.28 (alpine 3.17.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for Node.js

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-4068 braces HIGH 3.0.2 3.0.3 https://avd.aquasec.com/nvd/cve-2024-4068
CVE-2024-29415 ip HIGH 2.0.0 https://avd.aquasec.com/nvd/cve-2024-29415

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.13.28 (alpine 3.17.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.13.28 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.13.28 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.13.28 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.13.28 (alpine 3.17.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for Node.js

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-4068 braces HIGH 3.0.2 3.0.3 https://avd.aquasec.com/nvd/cve-2024-4068
CVE-2024-29415 ip HIGH 2.0.0 https://avd.aquasec.com/nvd/cve-2024-29415

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.13.28 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.13.28 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-43787 libx11 HIGH 1.8.4-r1 1.8.7-r0 https://avd.aquasec.com/nvd/cve-2023-43787

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.13.28 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
Release 1.13.27

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.13.27 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.13.27 (alpine 3.17.5)

No Vulnerabilities Found for Node.js

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.13.27 (alpine 3.17.5)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.13.27 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.13.27 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.13.27 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.13.27 (alpine 3.17.2)

No Vulnerabilities Found for Node.js

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.13.27 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.13.27 (alpine 3.17.3)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.13.27 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.13.26

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.13.26 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.13.26 (alpine 3.17.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for Node.js

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-4068 braces HIGH 3.0.2 3.0.3 https://avd.aquasec.com/nvd/cve-2024-4068
CVE-2024-29415 ip HIGH 2.0.0 https://avd.aquasec.com/nvd/cve-2024-29415

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.13.26 (alpine 3.17.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.3.0-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r1 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.13.26 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.13.26 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.13.26 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.13.26 (alpine 3.17.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for Node.js

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-4068 braces HIGH 3.0.2 3.0.3 https://avd.aquasec.com/nvd/cve-2024-4068
CVE-2024-29415 ip HIGH 2.0.0 https://avd.aquasec.com/nvd/cve-2024-29415

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.13.26 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.13.26 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-38545 curl CRITICAL 8.3.0-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.3.0-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-43787 libx11 HIGH 1.8.4-r1 1.8.7-r0 https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r1 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.13.26 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
Release 1.13.25

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.13.25 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.13.25 (alpine 3.17.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for Node.js

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-4068 braces HIGH 3.0.2 3.0.3 https://avd.aquasec.com/nvd/cve-2024-4068
CVE-2024-29415 ip HIGH 2.0.0 https://avd.aquasec.com/nvd/cve-2024-29415

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.13.25 (alpine 3.17.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.3.0-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r1 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.13.25 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.13.25 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.13.25 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.13.25 (alpine 3.17.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for Node.js

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-4068 braces HIGH 3.0.2 3.0.3 https://avd.aquasec.com/nvd/cve-2024-4068
CVE-2024-29415 ip HIGH 2.0.0 https://avd.aquasec.com/nvd/cve-2024-29415

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.13.25 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.13.25 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-38545 curl CRITICAL 8.3.0-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.3.0-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-43787 libx11 HIGH 1.8.4-r1 1.8.7-r0 https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r1 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.13.25 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
Release 1.13.24

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.13.24 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.13.24 (alpine 3.17.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for Node.js

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-4068 braces HIGH 3.0.2 3.0.3 https://avd.aquasec.com/nvd/cve-2024-4068
CVE-2024-29415 ip HIGH 2.0.0 https://avd.aquasec.com/nvd/cve-2024-29415

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.13.24 (alpine 3.17.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.2.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 libcurl HIGH 8.2.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r1 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.13.24 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.13.24 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.13.24 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.13.24 (alpine 3.17.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for Node.js

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-4068 braces HIGH 3.0.2 3.0.3 https://avd.aquasec.com/nvd/cve-2024-4068
CVE-2024-29415 ip HIGH 2.0.0 https://avd.aquasec.com/nvd/cve-2024-29415

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.13.24 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.13.24 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-38545 curl CRITICAL 8.2.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 curl HIGH 8.2.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.2.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 libcurl HIGH 8.2.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-4863 libwebp HIGH 1.2.4-r2 1.2.4-r3 https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2023-43787 libx11 HIGH 1.8.4-r1 1.8.7-r0 https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r1 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.13.24 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
Release 1.13.23

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.13.23 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.13.23 (alpine 3.17.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for Node.js

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-4068 braces HIGH 3.0.2 3.0.3 https://avd.aquasec.com/nvd/cve-2024-4068
CVE-2024-29415 ip HIGH 2.0.0 https://avd.aquasec.com/nvd/cve-2024-29415

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.13.23 (alpine 3.17.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.2.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 libcurl HIGH 8.2.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r1 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.13.23 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.13.23 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.13.23 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.13.23 (alpine 3.17.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for Node.js

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-4068 braces HIGH 3.0.2 3.0.3 https://avd.aquasec.com/nvd/cve-2024-4068
CVE-2024-29415 ip HIGH 2.0.0 https://avd.aquasec.com/nvd/cve-2024-29415

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.13.23 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.13.23 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-38545 curl CRITICAL 8.2.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 curl HIGH 8.2.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.2.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 libcurl HIGH 8.2.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-4863 libwebp HIGH 1.2.4-r2 1.2.4-r3 https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2023-43787 libx11 HIGH 1.8.4-r1 1.8.7-r0 https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r1 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.13.23 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
Release 1.13.22

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.13.22 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-2879 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-2879
CVE-2022-2880 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-2880
CVE-2022-41715 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-41715
CVE-2022-41716 stdlib HIGH 1.18.6 1.18.8, 1.19.3 https://avd.aquasec.com/nvd/cve-2022-41716
CVE-2022-41720 stdlib HIGH 1.18.6 1.18.9, 1.19.4 https://avd.aquasec.com/nvd/cve-2022-41720
CVE-2022-41722 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.6 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.6 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.13.22 (alpine 3.17.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for Node.js

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-4068 braces HIGH 3.0.2 3.0.3 https://avd.aquasec.com/nvd/cve-2024-4068
CVE-2024-29415 ip HIGH 2.0.0 https://avd.aquasec.com/nvd/cve-2024-29415

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.13.22 (alpine 3.17.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.2.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 libcurl HIGH 8.2.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r1 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.13.22 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.13.22 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-2879 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-2879
CVE-2022-2880 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-2880
CVE-2022-41715 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-41715
CVE-2022-41716 stdlib HIGH 1.18.6 1.18.8, 1.19.3 https://avd.aquasec.com/nvd/cve-2022-41716
CVE-2022-41720 stdlib HIGH 1.18.6 1.18.9, 1.19.4 https://avd.aquasec.com/nvd/cve-2022-41720
CVE-2022-41722 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.6 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.6 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.13.22 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.13.22 (alpine 3.17.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for Node.js

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-4068 braces HIGH 3.0.2 3.0.3 https://avd.aquasec.com/nvd/cve-2024-4068
CVE-2024-29415 ip HIGH 2.0.0 https://avd.aquasec.com/nvd/cve-2024-29415

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.13.22 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.13.22 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-38545 curl CRITICAL 8.2.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 curl HIGH 8.2.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.2.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 libcurl HIGH 8.2.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-4863 libwebp HIGH 1.2.4-r2 1.2.4-r3 https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2023-43787 libx11 HIGH 1.8.4-r1 1.8.7-r0 https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r1 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.13.22 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287
Release 1.13.21

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.13.21 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-2879 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-2879
CVE-2022-2880 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-2880
CVE-2022-41715 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-41715
CVE-2022-41716 stdlib HIGH 1.18.6 1.18.8, 1.19.3 https://avd.aquasec.com/nvd/cve-2022-41716
CVE-2022-41720 stdlib HIGH 1.18.6 1.18.9, 1.19.4 https://avd.aquasec.com/nvd/cve-2022-41720
CVE-2022-41722 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.6 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.6 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.13.21 (alpine 3.17.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for Node.js

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-4068 braces HIGH 3.0.2 3.0.3 https://avd.aquasec.com/nvd/cve-2024-4068
CVE-2024-29415 ip HIGH 2.0.0 https://avd.aquasec.com/nvd/cve-2024-29415

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.13.21 (alpine 3.17.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.1.2-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 libcurl HIGH 8.1.2-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-35945 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r1 https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.13.21 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.13.21 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-2879 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-2879
CVE-2022-2880 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-2880
CVE-2022-41715 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-41715
CVE-2022-41716 stdlib HIGH 1.18.6 1.18.8, 1.19.3 https://avd.aquasec.com/nvd/cve-2022-41716
CVE-2022-41720 stdlib HIGH 1.18.6 1.18.9, 1.19.4 https://avd.aquasec.com/nvd/cve-2022-41720
CVE-2022-41722 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.6 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.6 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.13.21 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.13.21 (alpine 3.17.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for Node.js

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-4068 braces HIGH 3.0.2 3.0.3 https://avd.aquasec.com/nvd/cve-2024-4068
CVE-2024-29415 ip HIGH 2.0.0 https://avd.aquasec.com/nvd/cve-2024-29415

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.13.21 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.13.21 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-38545 curl CRITICAL 8.1.2-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 curl HIGH 8.1.2-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.1.2-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 libcurl HIGH 8.1.2-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-4863 libwebp HIGH 1.2.4-r2 1.2.4-r3 https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2023-43787 libx11 HIGH 1.8.4-r1 1.8.7-r0 https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-35945 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r1 https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.13.21 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287
Release 1.13.20

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.13.20 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-2879 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-2879
CVE-2022-2880 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-2880
CVE-2022-41715 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-41715
CVE-2022-41716 stdlib HIGH 1.18.6 1.18.8, 1.19.3 https://avd.aquasec.com/nvd/cve-2022-41716
CVE-2022-41720 stdlib HIGH 1.18.6 1.18.9, 1.19.4 https://avd.aquasec.com/nvd/cve-2022-41720
CVE-2022-41722 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.6 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.6 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.13.20 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for Node.js

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-4068 braces HIGH 3.0.2 3.0.3 https://avd.aquasec.com/nvd/cve-2024-4068
CVE-2024-29415 ip HIGH 2.0.0 https://avd.aquasec.com/nvd/cve-2024-29415

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.13.20 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.1.2-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 libcurl HIGH 8.1.2-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-35945 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r1 https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.13.20 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.13.20 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-2879 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-2879
CVE-2022-2880 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-2880
CVE-2022-41715 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-41715
CVE-2022-41716 stdlib HIGH 1.18.6 1.18.8, 1.19.3 https://avd.aquasec.com/nvd/cve-2022-41716
CVE-2022-41720 stdlib HIGH 1.18.6 1.18.9, 1.19.4 https://avd.aquasec.com/nvd/cve-2022-41720
CVE-2022-41722 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.6 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.6 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.13.20 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.13.20 (alpine 3.17.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for Node.js

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-4068 braces HIGH 3.0.2 3.0.3 https://avd.aquasec.com/nvd/cve-2024-4068
CVE-2024-29415 ip HIGH 2.0.0 https://avd.aquasec.com/nvd/cve-2024-29415

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.13.20 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.13.20 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-38545 curl CRITICAL 8.1.2-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 curl HIGH 8.1.2-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.1.2-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 libcurl HIGH 8.1.2-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-4863 libwebp HIGH 1.2.4-r2 1.2.4-r3 https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2023-43787 libx11 HIGH 1.8.4-r1 1.8.7-r0 https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-35945 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r1 https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.13.20 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287
Release 1.13.19

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.13.19 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-2879 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-2879
CVE-2022-2880 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-2880
CVE-2022-41715 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-41715
CVE-2022-41716 stdlib HIGH 1.18.6 1.18.8, 1.19.3 https://avd.aquasec.com/nvd/cve-2022-41716
CVE-2022-41720 stdlib HIGH 1.18.6 1.18.9, 1.19.4 https://avd.aquasec.com/nvd/cve-2022-41720
CVE-2022-41722 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.6 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.6 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.13.19 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for Node.js

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-4068 braces HIGH 3.0.2 3.0.3 https://avd.aquasec.com/nvd/cve-2024-4068
CVE-2024-29415 ip HIGH 2.0.0 https://avd.aquasec.com/nvd/cve-2024-29415

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.13.19 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.1.2-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 libcurl HIGH 8.1.2-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-35945 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r1 https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.13.19 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.13.19 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-2879 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-2879
CVE-2022-2880 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-2880
CVE-2022-41715 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-41715
CVE-2022-41716 stdlib HIGH 1.18.6 1.18.8, 1.19.3 https://avd.aquasec.com/nvd/cve-2022-41716
CVE-2022-41720 stdlib HIGH 1.18.6 1.18.9, 1.19.4 https://avd.aquasec.com/nvd/cve-2022-41720
CVE-2022-41722 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.6 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.6 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.13.19 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.13.19 (alpine 3.17.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for Node.js

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-4068 braces HIGH 3.0.2 3.0.3 https://avd.aquasec.com/nvd/cve-2024-4068
CVE-2024-29415 ip HIGH 2.0.0 https://avd.aquasec.com/nvd/cve-2024-29415

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.13.19 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.13.19 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-38545 curl CRITICAL 8.1.2-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 curl HIGH 8.1.2-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.1.2-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 libcurl HIGH 8.1.2-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-4863 libwebp HIGH 1.2.4-r2 1.2.4-r3 https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2023-3138 libx11 HIGH 1.8.4-r0 1.8.4-r1 https://avd.aquasec.com/nvd/cve-2023-3138
CVE-2023-43787 libx11 HIGH 1.8.4-r0 1.8.7-r0 https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-35945 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r1 https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.13.19 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.9-r1 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287
Release 1.13.18

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.13.18 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-2879 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-2879
CVE-2022-2880 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-2880
CVE-2022-41715 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-41715
CVE-2022-41716 stdlib HIGH 1.18.6 1.18.8, 1.19.3 https://avd.aquasec.com/nvd/cve-2022-41716
CVE-2022-41720 stdlib HIGH 1.18.6 1.18.9, 1.19.4 https://avd.aquasec.com/nvd/cve-2022-41720
CVE-2022-41722 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.6 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.6 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.13.18 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for Node.js

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-4068 braces HIGH 3.0.2 3.0.3 https://avd.aquasec.com/nvd/cve-2024-4068
CVE-2024-29415 ip HIGH 2.0.0 https://avd.aquasec.com/nvd/cve-2024-29415

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.13.18 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.1.0-r1 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 libcurl HIGH 8.1.0-r1 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-35945 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r1 https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.13.18 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.13.18 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-2879 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-2879
CVE-2022-2880 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-2880
CVE-2022-41715 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-41715
CVE-2022-41716 stdlib HIGH 1.18.6 1.18.8, 1.19.3 https://avd.aquasec.com/nvd/cve-2022-41716
CVE-2022-41720 stdlib HIGH 1.18.6 1.18.9, 1.19.4 https://avd.aquasec.com/nvd/cve-2022-41720
CVE-2022-41722 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.6 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.6 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.13.18 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.13.18 (alpine 3.17.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for Node.js

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-4068 braces HIGH 3.0.2 3.0.3 https://avd.aquasec.com/nvd/cve-2024-4068
CVE-2024-29415 ip HIGH 2.0.0 https://avd.aquasec.com/nvd/cve-2024-29415

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.13.18 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.13.18 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-38545 curl CRITICAL 8.1.0-r1 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 curl HIGH 8.1.0-r1 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.1.0-r1 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 libcurl HIGH 8.1.0-r1 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-1999 libwebp HIGH 1.2.4-r1 1.2.4-r2 https://avd.aquasec.com/nvd/cve-2023-1999
CVE-2023-4863 libwebp HIGH 1.2.4-r1 1.2.4-r3 https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2023-3138 libx11 HIGH 1.8.4-r0 1.8.4-r1 https://avd.aquasec.com/nvd/cve-2023-3138
CVE-2023-43787 libx11 HIGH 1.8.4-r0 1.8.7-r0 https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-29491 ncurses-libs HIGH 6.3_p20221119-r0 6.3_p20221119-r1 https://avd.aquasec.com/nvd/cve-2023-29491
CVE-2023-29491 ncurses-terminfo-base HIGH 6.3_p20221119-r0 6.3_p20221119-r1 https://avd.aquasec.com/nvd/cve-2023-29491
CVE-2023-35945 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r1 https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.13.18 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287
Release 1.13.17

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.13.17 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-2879 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-2879
CVE-2022-2880 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-2880
CVE-2022-41715 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-41715
CVE-2022-41716 stdlib HIGH 1.18.6 1.18.8, 1.19.3 https://avd.aquasec.com/nvd/cve-2022-41716
CVE-2022-41720 stdlib HIGH 1.18.6 1.18.9, 1.19.4 https://avd.aquasec.com/nvd/cve-2022-41720
CVE-2022-41722 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.6 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.6 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.13.17 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for Node.js

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-4068 braces HIGH 3.0.2 3.0.3 https://avd.aquasec.com/nvd/cve-2024-4068
CVE-2024-29415 ip HIGH 2.0.0 https://avd.aquasec.com/nvd/cve-2024-29415

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.13.17 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.0.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-28319 libcurl HIGH 8.0.1-r0 8.1.0-r0 https://avd.aquasec.com/nvd/cve-2023-28319
CVE-2023-38039 libcurl HIGH 8.0.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-35945 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r1 https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.13.17 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.13.17 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-2879 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-2879
CVE-2022-2880 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-2880
CVE-2022-41715 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-41715
CVE-2022-41716 stdlib HIGH 1.18.6 1.18.8, 1.19.3 https://avd.aquasec.com/nvd/cve-2022-41716
CVE-2022-41720 stdlib HIGH 1.18.6 1.18.9, 1.19.4 https://avd.aquasec.com/nvd/cve-2022-41720
CVE-2022-41722 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.6 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.6 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.13.17 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.13.17 (alpine 3.17.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for Node.js

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-4068 braces HIGH 3.0.2 3.0.3 https://avd.aquasec.com/nvd/cve-2024-4068
CVE-2024-29415 ip HIGH 2.0.0 https://avd.aquasec.com/nvd/cve-2024-29415

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.13.17 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.13.17 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-38545 curl CRITICAL 8.0.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-28319 curl HIGH 8.0.1-r0 8.1.0-r0 https://avd.aquasec.com/nvd/cve-2023-28319
CVE-2023-38039 curl HIGH 8.0.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.0.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-28319 libcurl HIGH 8.0.1-r0 8.1.0-r0 https://avd.aquasec.com/nvd/cve-2023-28319
CVE-2023-38039 libcurl HIGH 8.0.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-1999 libwebp HIGH 1.2.4-r1 1.2.4-r2 https://avd.aquasec.com/nvd/cve-2023-1999
CVE-2023-4863 libwebp HIGH 1.2.4-r1 1.2.4-r3 https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2023-3138 libx11 HIGH 1.8.4-r0 1.8.4-r1 https://avd.aquasec.com/nvd/cve-2023-3138
CVE-2023-43787 libx11 HIGH 1.8.4-r0 1.8.7-r0 https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-29491 ncurses-libs HIGH 6.3_p20221119-r0 6.3_p20221119-r1 https://avd.aquasec.com/nvd/cve-2023-29491
CVE-2023-29491 ncurses-terminfo-base HIGH 6.3_p20221119-r0 6.3_p20221119-r1 https://avd.aquasec.com/nvd/cve-2023-29491
CVE-2023-35945 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r1 https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.13.17 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287
Release 1.13.16

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.13.16 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-2879 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-2879
CVE-2022-2880 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-2880
CVE-2022-41715 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-41715
CVE-2022-41716 stdlib HIGH 1.18.6 1.18.8, 1.19.3 https://avd.aquasec.com/nvd/cve-2022-41716
CVE-2022-41720 stdlib HIGH 1.18.6 1.18.9, 1.19.4 https://avd.aquasec.com/nvd/cve-2022-41720
CVE-2022-41722 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.6 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.6 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.13.16 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for Node.js

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-4068 braces HIGH 3.0.2 3.0.3 https://avd.aquasec.com/nvd/cve-2024-4068
CVE-2024-29415 ip HIGH 2.0.0 https://avd.aquasec.com/nvd/cve-2024-29415

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.13.16 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-25652 git HIGH 2.38.4-r1 2.38.5-r0 https://avd.aquasec.com/nvd/cve-2023-25652
CVE-2023-29007 git HIGH 2.38.4-r1 2.38.5-r0 https://avd.aquasec.com/nvd/cve-2023-29007
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.0.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-28319 libcurl HIGH 8.0.1-r0 8.1.0-r0 https://avd.aquasec.com/nvd/cve-2023-28319
CVE-2023-38039 libcurl HIGH 8.0.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-35945 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r1 https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.13.16 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.13.16 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-2879 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-2879
CVE-2022-2880 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-2880
CVE-2022-41715 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-41715
CVE-2022-41716 stdlib HIGH 1.18.6 1.18.8, 1.19.3 https://avd.aquasec.com/nvd/cve-2022-41716
CVE-2022-41720 stdlib HIGH 1.18.6 1.18.9, 1.19.4 https://avd.aquasec.com/nvd/cve-2022-41720
CVE-2022-41722 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.6 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.6 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.13.16 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.13.16 (alpine 3.17.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for Node.js

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-4068 braces HIGH 3.0.2 3.0.3 https://avd.aquasec.com/nvd/cve-2024-4068
CVE-2024-29415 ip HIGH 2.0.0 https://avd.aquasec.com/nvd/cve-2024-29415

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.13.16 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.13.16 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-38545 curl CRITICAL 8.0.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-28319 curl HIGH 8.0.1-r0 8.1.0-r0 https://avd.aquasec.com/nvd/cve-2023-28319
CVE-2023-38039 curl HIGH 8.0.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.0.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-28319 libcurl HIGH 8.0.1-r0 8.1.0-r0 https://avd.aquasec.com/nvd/cve-2023-28319
CVE-2023-38039 libcurl HIGH 8.0.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-1999 libwebp HIGH 1.2.4-r1 1.2.4-r2 https://avd.aquasec.com/nvd/cve-2023-1999
CVE-2023-4863 libwebp HIGH 1.2.4-r1 1.2.4-r3 https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2023-3138 libx11 HIGH 1.8.4-r0 1.8.4-r1 https://avd.aquasec.com/nvd/cve-2023-3138
CVE-2023-43787 libx11 HIGH 1.8.4-r0 1.8.7-r0 https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-29491 ncurses-libs HIGH 6.3_p20221119-r0 6.3_p20221119-r1 https://avd.aquasec.com/nvd/cve-2023-29491
CVE-2023-29491 ncurses-terminfo-base HIGH 6.3_p20221119-r0 6.3_p20221119-r1 https://avd.aquasec.com/nvd/cve-2023-29491
CVE-2023-35945 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r1 https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.13.16 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r4 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287
Release 1.13.15

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.13.15 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-2879 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-2879
CVE-2022-2880 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-2880
CVE-2022-41715 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-41715
CVE-2022-41716 stdlib HIGH 1.18.6 1.18.8, 1.19.3 https://avd.aquasec.com/nvd/cve-2022-41716
CVE-2022-41720 stdlib HIGH 1.18.6 1.18.9, 1.19.4 https://avd.aquasec.com/nvd/cve-2022-41720
CVE-2022-41722 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.6 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.6 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.13.15 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for Node.js

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-4068 braces HIGH 3.0.2 3.0.3 https://avd.aquasec.com/nvd/cve-2024-4068
CVE-2024-29415 ip HIGH 2.0.0 https://avd.aquasec.com/nvd/cve-2024-29415

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37315 github.com/graphql-go/graphql HIGH v0.8.0 0.8.1 https://avd.aquasec.com/nvd/cve-2022-37315
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.13.15 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-25652 git HIGH 2.38.4-r1 2.38.5-r0 https://avd.aquasec.com/nvd/cve-2023-25652
CVE-2023-29007 git HIGH 2.38.4-r1 2.38.5-r0 https://avd.aquasec.com/nvd/cve-2023-29007
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 7.88.1-r1 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-28319 libcurl HIGH 7.88.1-r1 8.1.0-r0 https://avd.aquasec.com/nvd/cve-2023-28319
CVE-2023-38039 libcurl HIGH 7.88.1-r1 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2023-5363 libssl3 HIGH 3.0.8-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-35945 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r1 https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r0 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.13.15 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.13.15 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-2879 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-2879
CVE-2022-2880 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-2880
CVE-2022-41715 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-41715
CVE-2022-41716 stdlib HIGH 1.18.6 1.18.8, 1.19.3 https://avd.aquasec.com/nvd/cve-2022-41716
CVE-2022-41720 stdlib HIGH 1.18.6 1.18.9, 1.19.4 https://avd.aquasec.com/nvd/cve-2022-41720
CVE-2022-41722 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.6 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.6 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.13.15 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.13.15 (alpine 3.17.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for Node.js

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-4068 braces HIGH 3.0.2 3.0.3 https://avd.aquasec.com/nvd/cve-2024-4068
CVE-2024-29415 ip HIGH 2.0.0 https://avd.aquasec.com/nvd/cve-2024-29415

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37315 github.com/graphql-go/graphql HIGH v0.8.0 0.8.1 https://avd.aquasec.com/nvd/cve-2022-37315
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.13.15 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.13.15 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-38545 curl CRITICAL 7.83.1-r6 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-27533 curl HIGH 7.83.1-r6 8.0.1-r0 https://avd.aquasec.com/nvd/cve-2023-27533
CVE-2023-27534 curl HIGH 7.83.1-r6 8.0.1-r0 https://avd.aquasec.com/nvd/cve-2023-27534
CVE-2023-28319 curl HIGH 7.83.1-r6 8.1.0-r0 https://avd.aquasec.com/nvd/cve-2023-28319
CVE-2023-38039 curl HIGH 7.83.1-r6 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-38545 libcurl CRITICAL 7.83.1-r6 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-27533 libcurl HIGH 7.83.1-r6 8.0.1-r0 https://avd.aquasec.com/nvd/cve-2023-27533
CVE-2023-27534 libcurl HIGH 7.83.1-r6 8.0.1-r0 https://avd.aquasec.com/nvd/cve-2023-27534
CVE-2023-28319 libcurl HIGH 7.83.1-r6 8.1.0-r0 https://avd.aquasec.com/nvd/cve-2023-28319
CVE-2023-38039 libcurl HIGH 7.83.1-r6 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2023-1999 libwebp HIGH 1.2.3-r0 1.2.3-r1 https://avd.aquasec.com/nvd/cve-2023-1999
CVE-2023-4863 libwebp HIGH 1.2.3-r0 1.2.3-r2 https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2023-29491 ncurses-libs HIGH 6.3_p20220521-r0 6.3_p20220521-r1 https://avd.aquasec.com/nvd/cve-2023-29491
CVE-2023-29491 ncurses-terminfo-base HIGH 6.3_p20220521-r0 6.3_p20220521-r1 https://avd.aquasec.com/nvd/cve-2023-29491
CVE-2023-35945 nghttp2-libs HIGH 1.47.0-r0 1.47.0-r1 https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487 nghttp2-libs HIGH 1.47.0-r0 1.47.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487
CVE-2022-41409 pcre2 HIGH 10.40-r0 10.42-r0 https://avd.aquasec.com/nvd/cve-2022-41409

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.13.15 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-41722 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.10 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.10 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.10 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.10 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.10 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287
Release 1.13.14

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.13.14 (alpine 3.17.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538 stdlib CRITICAL 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540 stdlib CRITICAL 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2022-2879 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-2879
CVE-2022-2880 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-2880
CVE-2022-41715 stdlib HIGH 1.18.6 1.18.7, 1.19.2 https://avd.aquasec.com/nvd/cve-2022-41715
CVE-2022-41716 stdlib HIGH 1.18.6 1.18.8, 1.19.3 https://avd.aquasec.com/nvd/cve-2022-41716
CVE-2022-41720 stdlib HIGH 1.18.6 1.18.9, 1.19.4 https://avd.aquasec.com/nvd/cve-2022-41720
CVE-2022-41722 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725 stdlib HIGH 1.18.6 1.19.6, 1.20.1 https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537 stdlib HIGH 1.18.6 1.19.8, 1.20.3 https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539 stdlib HIGH 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400 stdlib HIGH 1.18.6 1.19.9, 1.20.4 https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403 stdlib HIGH 1.18.6 1.19.10, 1.20.5 https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-45287 stdlib HIGH 1.18.6 1.20.0 https://avd.aquasec.com/nvd/cve-2023-45287

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.13.14 (alpine 3.17.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.8-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.8-r3 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for Node.js

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-4068 braces HIGH 3.0.2 3.0.3 https://avd.aquasec.com/nvd/cve-2024-4068
CVE-2024-29415 ip HIGH 2.0.0 https://avd.aquasec.com/nvd/cve-2024-29415

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37315 github.com/graphql-go/graphql HIGH v0.8.0 0.8.1 https://avd.aquasec.com/nvd/cve-2022-37315
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.50.1 1.56.3, 1.57.1, 1.58.3