Gloo Open Source results
Gloo container images are scanned using Trivy for HIGH and CRITICAL vulnerabilities. To learn more about how Solo.io detects, tracks, and remediates CVEs, see CVE lifecycle handling.
Latest 1.16.x Gloo Open Source Release: 1.16.13
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.16.13 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/access-logger
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.16.13 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/certgen
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.16.13 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/discovery
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.16.13 (ubuntu 20.04)
No Vulnerabilities Found for usr/local/bin/gloo
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.16.13 (ubuntu 20.04)
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.16.13 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/ingress
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.16.13 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/sds
Release 1.16.12
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.16.12 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/access-logger
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.16.12 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/certgen
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.16.12 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/discovery
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.16.12 (ubuntu 20.04)
No Vulnerabilities Found for usr/local/bin/gloo
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.16.12 (ubuntu 20.04)
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.16.12 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/ingress
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.16.12 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/sds
Release 1.16.11
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.16.11 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/access-logger
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.16.11 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/certgen
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.16.11 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/discovery
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.16.11 (ubuntu 20.04)
No Vulnerabilities Found for usr/local/bin/gloo
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.16.11 (ubuntu 20.04)
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.16.11 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/ingress
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.16.11 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/sds
Release 1.16.10
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.16.10 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/access-logger
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.16.10 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/certgen
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.16.10 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/discovery
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.16.10 (ubuntu 20.04)
No Vulnerabilities Found for usr/local/bin/gloo
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.16.10 (ubuntu 20.04)
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.16.10 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/ingress
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.16.10 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/sds
Release 1.16.9
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.16.9 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.16.9 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.16.9 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.16.9 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.16.9 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.16.9 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.16.9 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.16.8
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.16.8 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.16.8 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.16.8 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.16.8 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.16.8 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.16.8 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.16.8 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.16.7
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.16.7 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.16.7 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.16.7 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.16.7 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.16.7 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.16.7 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.16.7 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.16.6
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.16.6 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.16.6 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.16.6 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.16.6 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.16.6 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.16.6 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.16.6 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.16.5
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.16.5 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.16.5 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.16.5 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.16.5 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.16.5 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.16.5 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.16.5 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.16.4
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.16.4 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.16.4 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.16.4 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.16.4 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.16.4 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.16.4 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.16.4 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.16.3
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.16.3 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.16.3 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.16.3 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.16.3 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.16.3 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.16.3 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.16.3 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.16.2
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.16.2 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.16.2 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.16.2 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.16.2 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.16.2 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.16.2 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.16.2 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.16.1
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.16.1 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.16.1 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.16.1 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.16.1 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.16.1 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.16.1 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.16.1 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.16.0
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.16.0 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.16.0 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.16.0 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.16.0 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.16.0 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.16.0 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.16.0 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Latest 1.15.x Gloo Open Source Release: 1.15.28
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.15.28 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/access-logger
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.15.28 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/certgen
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.15.28 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/discovery
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.15.28 (ubuntu 20.04)
No Vulnerabilities Found for usr/local/bin/gloo
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.15.28 (ubuntu 20.04)
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.15.28 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/ingress
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.15.28 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/sds
Release 1.15.27
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.15.27 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/access-logger
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.15.27 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/certgen
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.15.27 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/discovery
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.15.27 (ubuntu 20.04)
No Vulnerabilities Found for usr/local/bin/gloo
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.15.27 (ubuntu 20.04)
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.15.27 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/ingress
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.15.27 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/sds
Release 1.15.26
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.15.26 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/access-logger
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.15.26 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/certgen
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.15.26 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/discovery
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.15.26 (ubuntu 20.04)
No Vulnerabilities Found for usr/local/bin/gloo
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.15.26 (ubuntu 20.04)
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.15.26 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/ingress
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.15.26 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/sds
Release 1.15.25
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.15.25 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/access-logger
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.15.25 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/certgen
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.15.25 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/discovery
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.15.25 (ubuntu 20.04)
No Vulnerabilities Found for usr/local/bin/gloo
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.15.25 (ubuntu 20.04)
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.15.25 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/ingress
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.15.25 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/sds
Release 1.15.24
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.15.24 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.15.24 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.15.24 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.15.24 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.15.24 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.15.24 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.15.24 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.15.23
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.15.23 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.15.23 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.15.23 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.15.23 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.15.23 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.15.23 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.15.23 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.15.22
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.15.22 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.15.22 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.15.22 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.15.22 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.15.22 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.15.22 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.15.22 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.15.21
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.15.21 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.15.21 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.15.21 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.15.21 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.15.21 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.15.21 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.15.21 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.15.20
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.15.20 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.15.20 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.15.20 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.15.20 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.15.20 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.15.20 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.15.20 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.15.19
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.15.19 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.15.19 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.15.19 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.15.19 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.15.19 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.15.19 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.15.19 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.15.18
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.15.18 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.15.18 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.15.18 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.15.18 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.15.18 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.15.18 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.15.18 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.15.17
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.15.17 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.20.11 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.15.17 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.20.11 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.15.17 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.20.11 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.15.17 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.20.11 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.15.17 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.20.11 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.15.17 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.20.11 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.15.17 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.20.11 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.15.16
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.15.16 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.20.11 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.15.16 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.20.11 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.15.16 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.20.11 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.15.16 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.20.11 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.15.16 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.20.11 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.15.16 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.20.11 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.15.16 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.20.11 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.15.15
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.15.15 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.14.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.15.15 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.14.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.15.15 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.14.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.15.15 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.14.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.15.15 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.14.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.15.15 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.14.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.15.15 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.14.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.15.14
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.15.14 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.15.14 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.15.14 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.15.14 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.15.14 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.15.14 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.15.14 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.15.13
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.15.13 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.15.13 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.15.13 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.15.13 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.15.13 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.15.13 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.15.13 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.15.12
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.15.12 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/access-logger
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.15.12 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/certgen
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.15.12 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/discovery
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.15.12 (ubuntu 20.04)
No Vulnerabilities Found for usr/local/bin/gloo
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.15.12 (ubuntu 20.04)
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.15.12 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/ingress
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.15.12 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/sds
Release 1.15.11
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.15.11 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/access-logger
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.15.11 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/certgen
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.15.11 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/discovery
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.15.11 (ubuntu 20.04)
No Vulnerabilities Found for usr/local/bin/gloo
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.15.11 (ubuntu 20.04)
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.15.11 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/ingress
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.15.11 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/sds
Release 1.15.10
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.15.10 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/access-logger
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.15.10 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/certgen
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.15.10 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/discovery
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.15.10 (ubuntu 20.04)
No Vulnerabilities Found for usr/local/bin/gloo
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.15.10 (ubuntu 20.04)
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.15.10 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/ingress
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.15.10 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/sds
Release 1.15.9
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.15.9 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.15.9 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.15.9 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.15.9 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.15.9 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.15.9 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.15.9 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.15.8
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.15.8 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.15.8 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.15.8 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.15.8 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.15.8 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.15.8 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.15.8 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.15.7
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.15.7 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.15.7 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.15.7 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.15.7 (alpine 3.17.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.15.7 (alpine 3.17.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.15.7 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.15.7 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.15.6
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.15.6 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.15.6 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.15.6 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.15.6 (alpine 3.17.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.15.6 (alpine 3.17.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.15.6 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.15.6 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.15.5
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.15.5 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.15.5 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.15.5 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.15.5 (alpine 3.17.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.15.5 (alpine 3.17.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.15.5 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.15.5 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.15.4
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.15.4 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.15.4 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.15.4 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.15.4 (alpine 3.17.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.15.4 (alpine 3.17.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.15.4 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.15.4 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.15.3
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.15.3 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.15.3 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.15.3 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.15.3 (alpine 3.17.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.15.3 (alpine 3.17.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.15.3 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.15.3 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.15.2
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.15.2 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.15.2 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.15.2 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.15.2 (alpine 3.17.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.15.2 (alpine 3.17.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.15.2 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.15.2 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.15.1
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.15.1 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.15.1 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.15.1 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.15.1 (alpine 3.17.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.15.1 (alpine 3.17.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.15.1 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.15.1 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.15.0
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.15.0 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.15.0 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.15.0 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.15.0 (alpine 3.17.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.15.0 (alpine 3.17.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.15.0 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.15.0 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.10.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Latest 1.14.x Gloo Open Source Release: 1.14.30
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.14.30 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/access-logger
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.14.30 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/certgen
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.14.30 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/discovery
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.14.30 (alpine 3.17.5)
No Vulnerabilities Found for usr/local/bin/gloo
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.14.30 (alpine 3.17.5)
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.14.30 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/ingress
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.14.30 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/sds
Release 1.14.29
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.14.29 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.14.29 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.14.29 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.14.29 (alpine 3.17.5)
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.14.29 (alpine 3.17.5)
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.14.29 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.14.29 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.14.28
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.14.28 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.14.28 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.14.28 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.14.28 (alpine 3.17.5)
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.14.28 (alpine 3.17.5)
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.14.28 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.14.28 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.14.27
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.14.27 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.14.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.14.27 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.14.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.14.27 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.14.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.14.27 (alpine 3.17.5)
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.14.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.14.27 (alpine 3.17.5)
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.14.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.14.27 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.14.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.14.27 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.14.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.14.26
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.14.26 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.14.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.14.26 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.14.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.14.26 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.14.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.14.26 (alpine 3.17.5)
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.14.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.14.26 (alpine 3.17.5)
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.14.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.14.26 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.14.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.14.26 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.14.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.14.25
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.14.25 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.14.25 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.14.25 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.14.25 (alpine 3.17.5)
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.14.25 (alpine 3.17.5)
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.14.25 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.14.25 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.14.24
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.14.24 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.14.24 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.14.24 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.14.24 (alpine 3.17.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.14.24 (alpine 3.17.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.14.24 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.14.24 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.14.23
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.14.23 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/access-logger
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.14.23 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/certgen
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.14.23 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/discovery
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.14.23 (alpine 3.17.5)
No Vulnerabilities Found for usr/local/bin/gloo
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.14.23 (alpine 3.17.5)
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.14.23 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/ingress
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.14.23 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/sds
Release 1.14.22
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.14.22 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/access-logger
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.14.22 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/certgen
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.14.22 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/discovery
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.14.22 (alpine 3.17.5)
No Vulnerabilities Found for usr/local/bin/gloo
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.14.22 (alpine 3.17.5)
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.14.22 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/ingress
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.14.22 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/sds
Release 1.14.21
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.14.21 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.14.21 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.14.21 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.14.21 (alpine 3.17.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.14.21 (alpine 3.17.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.14.21 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.14.21 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.14.20
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.14.20 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.14.20 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.14.20 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.14.20 (alpine 3.17.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.14.20 (alpine 3.17.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.14.20 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.14.20 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.14.19
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.14.19 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.14.19 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.14.19 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.14.19 (alpine 3.17.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.14.19 (alpine 3.17.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.14.19 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.14.19 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.14.18
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.14.18 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.14.18 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.14.18 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.14.18 (alpine 3.17.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.14.18 (alpine 3.17.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.14.18 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.14.18 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.14.17
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.14.17 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.14.17 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.14.17 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.14.17 (alpine 3.17.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.14.17 (alpine 3.17.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.14.17 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.14.17 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.14.16
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.14.16 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.14.16 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.14.16 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.14.16 (alpine 3.17.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.14.16 (alpine 3.17.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.14.16 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.14.16 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.14.15
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.14.15 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.14.15 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.14.15 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.14.15 (alpine 3.17.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.14.15 (alpine 3.17.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.14.15 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.14.15 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.14.14
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.14.14 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.14.14 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.14.14 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.14.14 (alpine 3.17.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.14.14 (alpine 3.17.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.14.14 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.14.14 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.14.13
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.14.13 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.14.13 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.14.13 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.14.13 (alpine 3.17.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.14.13 (alpine 3.17.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.14.13 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.14.13 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.14.12
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.14.12 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.14.12 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.14.12 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.14.12 (alpine 3.17.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.14.12 (alpine 3.17.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.14.12 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.14.12 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.14.11
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.14.11 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.14.11 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.14.11 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.14.11 (alpine 3.17.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.14.11 (alpine 3.17.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.14.11 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.14.11 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.14.10
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.14.10 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.14.10 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.14.10 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.14.10 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.14.10 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.14.10 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.14.10 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.14.9
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.14.9 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.14.9 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.14.9 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.14.9 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.14.9 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.14.9 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.14.9 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.14.8
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.14.8 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.14.8 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.14.8 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.14.8 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.14.8 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.14.8 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.14.8 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.14.7
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.14.7 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.14.7 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.14.7 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.14.7 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.14.7 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.14.7 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.14.7 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.14.6
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.14.6 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.14.6 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.14.6 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.14.6 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.14.6 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.14.6 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.14.6 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.14.5
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.14.5 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.14.5 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.14.5 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.14.5 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.14.5 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.14.5 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.14.5 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.14.4
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.14.4 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.14.4 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.14.4 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.14.4 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.14.4 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.14.4 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.14.4 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.14.3
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.14.3 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.14.3 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.14.3 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.14.3 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.14.3 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.14.3 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.14.3 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.14.2
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.14.2 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.14.2 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.14.2 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.14.2 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.14.2 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.14.2 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.14.2 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.14.1
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.14.1 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.14.1 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.14.1 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.14.1 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.14.1 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.14.1 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.14.1 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.14.0
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.14.0 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.14.0 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.14.0 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.14.0 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.14.0 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.14.0 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.14.0 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2023-24534 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.20.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.20.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.20.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.20.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Latest 1.13.x Gloo Open Source Release: 1.13.37
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.13.37 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/access-logger
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.13.37 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/certgen
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.13.37 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/discovery
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.13.37 (alpine 3.17.5)
No Vulnerabilities Found for usr/local/bin/gloo
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.13.37 (alpine 3.17.5)
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.13.37 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/ingress
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.13.37 (alpine 3.17.6)
No Vulnerabilities Found for usr/local/bin/sds
Gloo kubectl image
No Vulnerabilities Found for quay.io/solo-io/kubectl:1.13.37 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/kubectl
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | stdlib | HIGH | 1.20.6 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.6 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.6 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.13.36
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.13.36 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.13.36 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.13.36 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.13.36 (alpine 3.17.5)
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.13.36 (alpine 3.17.5)
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.13.36 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.13.36 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo kubectl image
No Vulnerabilities Found for quay.io/solo-io/kubectl:1.13.36 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/kubectl
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | stdlib | HIGH | 1.20.6 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.6 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.6 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.13.35
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.13.35 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.13.35 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.13.35 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.13.35 (alpine 3.17.5)
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.13.35 (alpine 3.17.5)
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.13.35 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.13.35 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo kubectl image
No Vulnerabilities Found for quay.io/solo-io/kubectl:1.13.35 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/kubectl
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | stdlib | HIGH | 1.20.6 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.6 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.6 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.13.34
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.13.34 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.13.34 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.13.34 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.13.34 (alpine 3.17.5)
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.13.34 (alpine 3.17.5)
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.13.34 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.13.34 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo kubectl image
No Vulnerabilities Found for quay.io/solo-io/kubectl:1.13.34 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/kubectl
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | stdlib | HIGH | 1.20.6 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.6 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.6 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.13.33
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.13.33 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.20.11 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.13.33 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.20.11 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.13.33 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.20.11 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.13.33 (alpine 3.17.5)
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.20.11 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.13.33 (alpine 3.17.5)
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.20.11 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.13.33 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.20.11 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.13.33 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-45288 | stdlib | HIGH | 1.20.11 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo kubectl image
No Vulnerabilities Found for quay.io/solo-io/kubectl:1.13.33 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/kubectl
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.7 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.7 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.7 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.7 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.13.32
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.13.32 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.13.32 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.13.32 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.13.32 (alpine 3.17.5)
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.13.32 (alpine 3.17.5)
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.13.32 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.13.32 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo kubectl image
No Vulnerabilities Found for quay.io/solo-io/kubectl:1.13.32 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/kubectl
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.7 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.7 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.7 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.7 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.13.31
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.13.31 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.13.31 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.13.31 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.13.31 (alpine 3.17.5)
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.13.31 (alpine 3.17.5)
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.13.31 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.13.31 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo kubectl image
No Vulnerabilities Found for quay.io/solo-io/kubectl:1.13.31 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/kubectl
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.7 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.7 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.7 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.7 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.13.30
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.13.30 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.13.30 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.13.30 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.13.30 (alpine 3.17.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.13.30 (alpine 3.17.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.13.30 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.13.30 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-45283 | stdlib | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo kubectl image
Vulnerabilities Listed for quay.io/solo-io/kubectl:1.13.30 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/kubectl
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.7 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.7 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.7 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.7 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.13.29
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.13.29 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/access-logger
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.13.29 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/certgen
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.13.29 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/discovery
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.13.29 (alpine 3.17.5)
No Vulnerabilities Found for usr/local/bin/gloo
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.13.29 (alpine 3.17.5)
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.13.29 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/ingress
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.13.29 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/sds
Gloo kubectl image
No Vulnerabilities Found for quay.io/solo-io/kubectl:1.13.29 (alpine 3.17.3)
Release 1.13.28
Gloo access-logger image
No Vulnerabilities Found for quay.io/solo-io/access-logger:1.13.28 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/access-logger
Gloo certgen image
No Vulnerabilities Found for quay.io/solo-io/certgen:1.13.28 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/certgen
Gloo discovery image
No Vulnerabilities Found for quay.io/solo-io/discovery:1.13.28 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/discovery
Gloo gloo image
No Vulnerabilities Found for quay.io/solo-io/gloo:1.13.28 (alpine 3.17.5)
No Vulnerabilities Found for usr/local/bin/gloo
Gloo gloo-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.13.28 (alpine 3.17.5)
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo ingress image
No Vulnerabilities Found for quay.io/solo-io/ingress:1.13.28 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/ingress
Gloo sds image
No Vulnerabilities Found for quay.io/solo-io/sds:1.13.28 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/sds
Gloo kubectl image
No Vulnerabilities Found for quay.io/solo-io/kubectl:1.13.28 (alpine 3.17.3)
Release 1.13.27
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.13.27 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.13.27 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.13.27 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.13.27 (alpine 3.17.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.13.27 (alpine 3.17.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.13.27 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.13.27 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo kubectl image
Vulnerabilities Listed for quay.io/solo-io/kubectl:1.13.27 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/kubectl
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.7 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.7 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.7 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.7 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.13.26
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.13.26 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.13.26 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.13.26 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.13.26 (alpine 3.17.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.13.26 (alpine 3.17.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.13.26 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.13.26 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo kubectl image
Vulnerabilities Listed for quay.io/solo-io/kubectl:1.13.26 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/kubectl
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.7 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.7 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.7 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.7 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.13.25
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.13.25 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.13.25 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.13.25 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.13.25 (alpine 3.17.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.13.25 (alpine 3.17.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.13.25 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.13.25 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo kubectl image
Vulnerabilities Listed for quay.io/solo-io/kubectl:1.13.25 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/kubectl
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.7 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.7 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.7 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.7 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.13.24
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.13.24 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.13.24 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.13.24 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.13.24 (alpine 3.17.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.13.24 (alpine 3.17.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.13.24 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.13.24 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-39325 | stdlib | HIGH | 1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45288 | stdlib | HIGH | 1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo kubectl image
Vulnerabilities Listed for quay.io/solo-io/kubectl:1.13.24 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/kubectl
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.7 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.7 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.7 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.7 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.13.23
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.13.23 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.13.23 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.13.23 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.13.23 (alpine 3.17.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.13.23 (alpine 3.17.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.13.23 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.13.23 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo kubectl image
Vulnerabilities Listed for quay.io/solo-io/kubectl:1.13.23 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/kubectl
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.7 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.7 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.7 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.7 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.13.22
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.13.22 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.13.22 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.13.22 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.13.22 (alpine 3.17.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.13.22 (alpine 3.17.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.13.22 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.13.22 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo kubectl image
Vulnerabilities Listed for quay.io/solo-io/kubectl:1.13.22 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/kubectl
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.7 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.7 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.7 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.7 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.13.21
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.13.21 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.13.21 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.13.21 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.13.21 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.13.21 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.13.21 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.13.21 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo kubectl image
Vulnerabilities Listed for quay.io/solo-io/kubectl:1.13.21 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/kubectl
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.7 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.7 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.7 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.7 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.13.20
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.13.20 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.13.20 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.13.20 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.13.20 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.13.20 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.13.20 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.13.20 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo kubectl image
Vulnerabilities Listed for quay.io/solo-io/kubectl:1.13.20 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/kubectl
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.7 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.7 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.7 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.7 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.13.19
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.13.19 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.13.19 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.13.19 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.13.19 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.13.19 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.13.19 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.13.19 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo kubectl image
Vulnerabilities Listed for quay.io/solo-io/kubectl:1.13.19 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/kubectl
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.7 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.7 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.7 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.7 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.13.18
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.13.18 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.13.18 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.13.18 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.13.18 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.13.18 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.13.18 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.13.18 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo kubectl image
Vulnerabilities Listed for quay.io/solo-io/kubectl:1.13.18 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/kubectl
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.7 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.7 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.7 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.7 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.13.17
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.13.17 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.13.17 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.13.17 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.13.17 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.13.17 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.13.17 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.13.17 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo kubectl image
Vulnerabilities Listed for quay.io/solo-io/kubectl:1.13.17 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/kubectl
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.7 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.7 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.7 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.7 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.13.16
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.13.16 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.13.16 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.13.16 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.13.16 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.13.16 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.13.16 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.13.16 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo kubectl image
Vulnerabilities Listed for quay.io/solo-io/kubectl:1.13.16 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/kubectl
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.7 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.7 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.7 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.7 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.13.15
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.13.15 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.13.15 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.13.15 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.13.15 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.13.15 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.13.15 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.13.15 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo kubectl image
Vulnerabilities Listed for quay.io/solo-io/kubectl:1.13.15 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/kubectl
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.7 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.7 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.7 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.7 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.13.14
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.13.14 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.13.14 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.13.14 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.13.14 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.13.14 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.13.14 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.13.14 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo kubectl image
Vulnerabilities Listed for quay.io/solo-io/kubectl:1.13.14 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/kubectl
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.7 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.7 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.7 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.7 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.13.13
Gloo access-logger image
No scan found
Gloo certgen image
No scan found
Gloo discovery image
No scan found
Gloo gloo image
No scan found
Gloo gloo-envoy-wrapper image
No scan found
Gloo ingress image
No scan found
Gloo sds image
No scan found
Gloo kubectl image
No scan found
Release 1.13.12
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.13.12 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.13.12 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.13.12 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.13.12 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.13.12 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.13.12 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.13.12 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo kubectl image
Vulnerabilities Listed for quay.io/solo-io/kubectl:1.13.12 (alpine 3.17.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/kubectl
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.7 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.7 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.7 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.7 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.13.11
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.13.11 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.13.11 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.13.11 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.13.11 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.13.11 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.13.11 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.13.11 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.8.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo kubectl image
Vulnerabilities Listed for quay.io/solo-io/kubectl:1.13.11 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/kubectl
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.7 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.7 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.7 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.7 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.13.10
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.13.10 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.13.10 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.13.10 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.13.10 (alpine 3.15.0)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.13.10 (alpine 3.15.0)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.13.10 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.13.10 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo kubectl image
Vulnerabilities Listed for quay.io/solo-io/kubectl:1.13.10 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/kubectl
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.7 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.7 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.7 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.7 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.13.9
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.13.9 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.13.9 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.13.9 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.13.9 (alpine 3.15.0)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.13.9 (alpine 3.15.0)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.13.9 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.13.9 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.10 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.10 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.10 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.10 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.10 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.10 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo kubectl image
Vulnerabilities Listed for quay.io/solo-io/kubectl:1.13.9 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/kubectl
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.7 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.7 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.7 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.7 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.13.8
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.13.8 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.5 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.5 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.5 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.5 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.5 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.5 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.5 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.13.8 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.5 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.5 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.5 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.5 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.5 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.5 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.5 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.13.8 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.5 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.5 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.5 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.5 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.5 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.5 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.5 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.13.8 (alpine 3.15.0)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.5 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.5 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.5 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.5 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.5 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.5 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.5 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.13.8 (alpine 3.15.0)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.5 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.5 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.5 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.5 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.5 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.5 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.5 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.13.8 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.5 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.5 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.5 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.5 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.5 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.5 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.5 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.13.8 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.5 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.5 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.5 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.5 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.5 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.5 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.5 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo kubectl image
Vulnerabilities Listed for quay.io/solo-io/kubectl:1.13.8 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/kubectl
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.7 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.7 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.7 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.7 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.13.7
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.13.7 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.5 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.5 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.5 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.5 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.5 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.5 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.5 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.13.7 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.5 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.5 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.5 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.5 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.5 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.5 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.5 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.13.7 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.5 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.5 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.5 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.5 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.5 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.5 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.5 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.13.7 (alpine 3.15.0)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.5 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.5 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.5 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.5 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.5 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.5 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.5 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.13.7 (alpine 3.15.0)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.5 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.5 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.5 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.5 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.5 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.5 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.5 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.13.7 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.5 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.5 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.5 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.5 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.5 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.5 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.5 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.13.7 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.5 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.5 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.5 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.5 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.5 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.5 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.5 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo kubectl image
Vulnerabilities Listed for quay.io/solo-io/kubectl:1.13.7 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/kubectl
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.7 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.7 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.7 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.7 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.13.6
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.13.6 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.5 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.5 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.5 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.5 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.5 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.5 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.5 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.13.6 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.5 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.5 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.5 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.5 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.5 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.5 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.5 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.13.6 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.5 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.5 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.5 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.5 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.5 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.5 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.5 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.13.6 (alpine 3.15.0)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.5 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.5 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.5 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.5 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.5 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.5 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.5 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.13.6 (alpine 3.15.0)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.5 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.5 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.5 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.5 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.5 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.5 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.5 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.13.6 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.5 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.5 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.5 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.5 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.5 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.5 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.5 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.13.6 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1t-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.5 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.5 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.5 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.5 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.5 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.5 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.5 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo kubectl image
Vulnerabilities Listed for quay.io/solo-io/kubectl:1.13.6 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/kubectl
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.7 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.7 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.7 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.7 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.13.5
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.13.5 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.5 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.5 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.5 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.5 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.5 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.5 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.5 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.13.5 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.5 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.5 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.5 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.5 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.5 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.5 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.5 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.13.5 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.5 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.5 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.5 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.5 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.5 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.5 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.5 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.13.5 (alpine 3.15.0)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.5 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.5 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.5 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.5 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.5 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.5 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.5 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.13.5 (alpine 3.15.0)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.5 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.5 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.5 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.5 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.5 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.5 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.5 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.13.5 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.5 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.5 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.5 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.5 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.5 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.5 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.5 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.13.5 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.5 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.5 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.5 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.5 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.5 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.5 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.5 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo kubectl image
Vulnerabilities Listed for quay.io/solo-io/kubectl:1.13.5 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/kubectl
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.7 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.7 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.7 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.7 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.13.4
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.13.4 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.5 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.5 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.5 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.5 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.5 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.5 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.5 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.13.4 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.5 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.5 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.5 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.5 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.5 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.5 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.5 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.13.4 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.5 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.5 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.5 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.5 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.5 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.5 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.5 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.13.4 (alpine 3.15.0)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.5 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.5 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.5 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.5 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.5 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.5 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.5 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.13.4 (alpine 3.15.0)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.5 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.5 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.5 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.5 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.5 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.5 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.5 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.13.4 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.5 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.5 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.5 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.5 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.5 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.5 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.5 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.13.4 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.5 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.5 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.5 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.5 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.5 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.5 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.5 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.5 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.5 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.5 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.5 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo kubectl image
Vulnerabilities Listed for quay.io/solo-io/kubectl:1.13.4 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/kubectl
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.7 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.7 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.7 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.7 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.13.3
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.13.3 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.1 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-28131 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-28131 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-29804 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-29804 |
| CVE-2022-30580 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30580 |
| CVE-2022-30630 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30630 |
| CVE-2022-30631 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30631 |
| CVE-2022-30632 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30632 |
| CVE-2022-30633 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30633 |
| CVE-2022-30634 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30634 |
| CVE-2022-30635 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30635 |
| CVE-2022-32189 | stdlib | HIGH | 1.18.1 | 1.17.13, 1.18.5 | https://avd.aquasec.com/nvd/cve-2022-32189 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.1 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.1 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.1 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.13.3 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.1 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-28131 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-28131 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-29804 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-29804 |
| CVE-2022-30580 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30580 |
| CVE-2022-30630 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30630 |
| CVE-2022-30631 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30631 |
| CVE-2022-30632 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30632 |
| CVE-2022-30633 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30633 |
| CVE-2022-30634 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30634 |
| CVE-2022-30635 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30635 |
| CVE-2022-32189 | stdlib | HIGH | 1.18.1 | 1.17.13, 1.18.5 | https://avd.aquasec.com/nvd/cve-2022-32189 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.1 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.1 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.1 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.13.3 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.1 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-28131 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-28131 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-29804 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-29804 |
| CVE-2022-30580 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30580 |
| CVE-2022-30630 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30630 |
| CVE-2022-30631 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30631 |
| CVE-2022-30632 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30632 |
| CVE-2022-30633 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30633 |
| CVE-2022-30634 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30634 |
| CVE-2022-30635 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30635 |
| CVE-2022-32189 | stdlib | HIGH | 1.18.1 | 1.17.13, 1.18.5 | https://avd.aquasec.com/nvd/cve-2022-32189 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.1 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.1 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.1 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.13.3 (alpine 3.15.0)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.1 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-28131 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-28131 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-29804 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-29804 |
| CVE-2022-30580 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30580 |
| CVE-2022-30630 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30630 |
| CVE-2022-30631 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30631 |
| CVE-2022-30632 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30632 |
| CVE-2022-30633 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30633 |
| CVE-2022-30634 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30634 |
| CVE-2022-30635 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30635 |
| CVE-2022-32189 | stdlib | HIGH | 1.18.1 | 1.17.13, 1.18.5 | https://avd.aquasec.com/nvd/cve-2022-32189 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.1 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.1 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.1 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.13.3 (alpine 3.15.0)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.1 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-28131 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-28131 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-29804 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-29804 |
| CVE-2022-30580 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30580 |
| CVE-2022-30630 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30630 |
| CVE-2022-30631 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30631 |
| CVE-2022-30632 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30632 |
| CVE-2022-30633 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30633 |
| CVE-2022-30634 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30634 |
| CVE-2022-30635 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30635 |
| CVE-2022-32189 | stdlib | HIGH | 1.18.1 | 1.17.13, 1.18.5 | https://avd.aquasec.com/nvd/cve-2022-32189 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.1 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.1 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.1 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.13.3 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.1 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-28131 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-28131 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-29804 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-29804 |
| CVE-2022-30580 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30580 |
| CVE-2022-30630 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30630 |
| CVE-2022-30631 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30631 |
| CVE-2022-30632 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30632 |
| CVE-2022-30633 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30633 |
| CVE-2022-30634 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30634 |
| CVE-2022-30635 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30635 |
| CVE-2022-32189 | stdlib | HIGH | 1.18.1 | 1.17.13, 1.18.5 | https://avd.aquasec.com/nvd/cve-2022-32189 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.1 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.1 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.1 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.13.3 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.1 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-28131 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-28131 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-29804 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-29804 |
| CVE-2022-30580 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30580 |
| CVE-2022-30630 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30630 |
| CVE-2022-30631 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30631 |
| CVE-2022-30632 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30632 |
| CVE-2022-30633 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30633 |
| CVE-2022-30634 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30634 |
| CVE-2022-30635 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30635 |
| CVE-2022-32189 | stdlib | HIGH | 1.18.1 | 1.17.13, 1.18.5 | https://avd.aquasec.com/nvd/cve-2022-32189 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.1 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.1 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.1 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo kubectl image
Vulnerabilities Listed for quay.io/solo-io/kubectl:1.13.3 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/kubectl
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.7 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.7 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.7 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.7 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.13.2
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.13.2 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.1 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-28131 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-28131 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-29804 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-29804 |
| CVE-2022-30580 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30580 |
| CVE-2022-30630 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30630 |
| CVE-2022-30631 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30631 |
| CVE-2022-30632 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30632 |
| CVE-2022-30633 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30633 |
| CVE-2022-30634 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30634 |
| CVE-2022-30635 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30635 |
| CVE-2022-32189 | stdlib | HIGH | 1.18.1 | 1.17.13, 1.18.5 | https://avd.aquasec.com/nvd/cve-2022-32189 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.1 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.1 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.1 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.13.2 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.1 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-28131 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-28131 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-29804 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-29804 |
| CVE-2022-30580 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30580 |
| CVE-2022-30630 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30630 |
| CVE-2022-30631 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30631 |
| CVE-2022-30632 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30632 |
| CVE-2022-30633 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30633 |
| CVE-2022-30634 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30634 |
| CVE-2022-30635 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30635 |
| CVE-2022-32189 | stdlib | HIGH | 1.18.1 | 1.17.13, 1.18.5 | https://avd.aquasec.com/nvd/cve-2022-32189 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.1 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.1 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.1 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.13.2 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.1 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-28131 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-28131 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-29804 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-29804 |
| CVE-2022-30580 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30580 |
| CVE-2022-30630 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30630 |
| CVE-2022-30631 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30631 |
| CVE-2022-30632 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30632 |
| CVE-2022-30633 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30633 |
| CVE-2022-30634 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30634 |
| CVE-2022-30635 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30635 |
| CVE-2022-32189 | stdlib | HIGH | 1.18.1 | 1.17.13, 1.18.5 | https://avd.aquasec.com/nvd/cve-2022-32189 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.1 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.1 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.1 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.13.2 (alpine 3.15.0)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.1 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-28131 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-28131 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-29804 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-29804 |
| CVE-2022-30580 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30580 |
| CVE-2022-30630 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30630 |
| CVE-2022-30631 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30631 |
| CVE-2022-30632 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30632 |
| CVE-2022-30633 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30633 |
| CVE-2022-30634 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30634 |
| CVE-2022-30635 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30635 |
| CVE-2022-32189 | stdlib | HIGH | 1.18.1 | 1.17.13, 1.18.5 | https://avd.aquasec.com/nvd/cve-2022-32189 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.1 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.1 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.1 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.13.2 (alpine 3.15.0)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.1 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-28131 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-28131 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-29804 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-29804 |
| CVE-2022-30580 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30580 |
| CVE-2022-30630 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30630 |
| CVE-2022-30631 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30631 |
| CVE-2022-30632 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30632 |
| CVE-2022-30633 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30633 |
| CVE-2022-30634 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30634 |
| CVE-2022-30635 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30635 |
| CVE-2022-32189 | stdlib | HIGH | 1.18.1 | 1.17.13, 1.18.5 | https://avd.aquasec.com/nvd/cve-2022-32189 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.1 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.1 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.1 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.13.2 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.1 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-28131 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-28131 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-29804 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-29804 |
| CVE-2022-30580 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30580 |
| CVE-2022-30630 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30630 |
| CVE-2022-30631 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30631 |
| CVE-2022-30632 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30632 |
| CVE-2022-30633 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30633 |
| CVE-2022-30634 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30634 |
| CVE-2022-30635 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30635 |
| CVE-2022-32189 | stdlib | HIGH | 1.18.1 | 1.17.13, 1.18.5 | https://avd.aquasec.com/nvd/cve-2022-32189 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.1 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.1 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.1 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.13.2 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.1 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-28131 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-28131 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-29804 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-29804 |
| CVE-2022-30580 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30580 |
| CVE-2022-30630 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30630 |
| CVE-2022-30631 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30631 |
| CVE-2022-30632 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30632 |
| CVE-2022-30633 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30633 |
| CVE-2022-30634 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30634 |
| CVE-2022-30635 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30635 |
| CVE-2022-32189 | stdlib | HIGH | 1.18.1 | 1.17.13, 1.18.5 | https://avd.aquasec.com/nvd/cve-2022-32189 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.1 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.1 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.1 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo kubectl image
Vulnerabilities Listed for quay.io/solo-io/kubectl:1.13.2 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/kubectl
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.7 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.7 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.7 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.7 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.13.1
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.13.1 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.1 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-28131 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-28131 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-29804 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-29804 |
| CVE-2022-30580 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30580 |
| CVE-2022-30630 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30630 |
| CVE-2022-30631 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30631 |
| CVE-2022-30632 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30632 |
| CVE-2022-30633 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30633 |
| CVE-2022-30634 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30634 |
| CVE-2022-30635 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30635 |
| CVE-2022-32189 | stdlib | HIGH | 1.18.1 | 1.17.13, 1.18.5 | https://avd.aquasec.com/nvd/cve-2022-32189 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.1 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.1 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.1 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.13.1 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.1 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-28131 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-28131 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-29804 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-29804 |
| CVE-2022-30580 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30580 |
| CVE-2022-30630 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30630 |
| CVE-2022-30631 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30631 |
| CVE-2022-30632 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30632 |
| CVE-2022-30633 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30633 |
| CVE-2022-30634 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30634 |
| CVE-2022-30635 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30635 |
| CVE-2022-32189 | stdlib | HIGH | 1.18.1 | 1.17.13, 1.18.5 | https://avd.aquasec.com/nvd/cve-2022-32189 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.1 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.1 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.1 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.13.1 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.1 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-28131 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-28131 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-29804 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-29804 |
| CVE-2022-30580 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30580 |
| CVE-2022-30630 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30630 |
| CVE-2022-30631 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30631 |
| CVE-2022-30632 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30632 |
| CVE-2022-30633 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30633 |
| CVE-2022-30634 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30634 |
| CVE-2022-30635 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30635 |
| CVE-2022-32189 | stdlib | HIGH | 1.18.1 | 1.17.13, 1.18.5 | https://avd.aquasec.com/nvd/cve-2022-32189 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.1 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.1 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.1 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.13.1 (alpine 3.15.0)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.1 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-28131 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-28131 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-29804 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-29804 |
| CVE-2022-30580 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30580 |
| CVE-2022-30630 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30630 |
| CVE-2022-30631 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30631 |
| CVE-2022-30632 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30632 |
| CVE-2022-30633 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30633 |
| CVE-2022-30634 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30634 |
| CVE-2022-30635 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30635 |
| CVE-2022-32189 | stdlib | HIGH | 1.18.1 | 1.17.13, 1.18.5 | https://avd.aquasec.com/nvd/cve-2022-32189 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.1 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.1 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.1 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.13.1 (alpine 3.15.0)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.1 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-28131 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-28131 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-29804 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-29804 |
| CVE-2022-30580 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30580 |
| CVE-2022-30630 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30630 |
| CVE-2022-30631 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30631 |
| CVE-2022-30632 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30632 |
| CVE-2022-30633 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30633 |
| CVE-2022-30634 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30634 |
| CVE-2022-30635 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30635 |
| CVE-2022-32189 | stdlib | HIGH | 1.18.1 | 1.17.13, 1.18.5 | https://avd.aquasec.com/nvd/cve-2022-32189 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.1 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.1 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.1 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.13.1 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.1 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-28131 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-28131 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-29804 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-29804 |
| CVE-2022-30580 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30580 |
| CVE-2022-30630 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30630 |
| CVE-2022-30631 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30631 |
| CVE-2022-30632 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30632 |
| CVE-2022-30633 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30633 |
| CVE-2022-30634 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30634 |
| CVE-2022-30635 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30635 |
| CVE-2022-32189 | stdlib | HIGH | 1.18.1 | 1.17.13, 1.18.5 | https://avd.aquasec.com/nvd/cve-2022-32189 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.1 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.1 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.1 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.13.1 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.1 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-28131 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-28131 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-29804 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-29804 |
| CVE-2022-30580 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30580 |
| CVE-2022-30630 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30630 |
| CVE-2022-30631 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30631 |
| CVE-2022-30632 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30632 |
| CVE-2022-30633 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30633 |
| CVE-2022-30634 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30634 |
| CVE-2022-30635 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30635 |
| CVE-2022-32189 | stdlib | HIGH | 1.18.1 | 1.17.13, 1.18.5 | https://avd.aquasec.com/nvd/cve-2022-32189 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.1 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.1 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.1 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo kubectl image
Vulnerabilities Listed for quay.io/solo-io/kubectl:1.13.1 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/kubectl
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.7 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.7 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.7 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.7 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.7 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.7 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.7 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.13.0
Gloo access-logger image
Vulnerabilities Listed for quay.io/solo-io/access-logger:1.13.0 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/access-logger
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.1 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-28131 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-28131 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-29804 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-29804 |
| CVE-2022-30580 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30580 |
| CVE-2022-30630 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30630 |
| CVE-2022-30631 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30631 |
| CVE-2022-30632 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30632 |
| CVE-2022-30633 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30633 |
| CVE-2022-30634 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30634 |
| CVE-2022-30635 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30635 |
| CVE-2022-32189 | stdlib | HIGH | 1.18.1 | 1.17.13, 1.18.5 | https://avd.aquasec.com/nvd/cve-2022-32189 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.1 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.1 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.1 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo certgen image
Vulnerabilities Listed for quay.io/solo-io/certgen:1.13.0 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/certgen
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.1 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-28131 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-28131 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-29804 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-29804 |
| CVE-2022-30580 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30580 |
| CVE-2022-30630 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30630 |
| CVE-2022-30631 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30631 |
| CVE-2022-30632 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30632 |
| CVE-2022-30633 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30633 |
| CVE-2022-30634 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30634 |
| CVE-2022-30635 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30635 |
| CVE-2022-32189 | stdlib | HIGH | 1.18.1 | 1.17.13, 1.18.5 | https://avd.aquasec.com/nvd/cve-2022-32189 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.1 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.1 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.1 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo discovery image
Vulnerabilities Listed for quay.io/solo-io/discovery:1.13.0 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/discovery
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.1 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-28131 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-28131 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-29804 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-29804 |
| CVE-2022-30580 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30580 |
| CVE-2022-30630 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30630 |
| CVE-2022-30631 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30631 |
| CVE-2022-30632 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30632 |
| CVE-2022-30633 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30633 |
| CVE-2022-30634 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30634 |
| CVE-2022-30635 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30635 |
| CVE-2022-32189 | stdlib | HIGH | 1.18.1 | 1.17.13, 1.18.5 | https://avd.aquasec.com/nvd/cve-2022-32189 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.1 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.1 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.1 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo image
Vulnerabilities Listed for quay.io/solo-io/gloo:1.13.0 (alpine 3.15.0)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/gloo
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.1 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-28131 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-28131 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-29804 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-29804 |
| CVE-2022-30580 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30580 |
| CVE-2022-30630 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30630 |
| CVE-2022-30631 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30631 |
| CVE-2022-30632 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30632 |
| CVE-2022-30633 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30633 |
| CVE-2022-30634 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30634 |
| CVE-2022-30635 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30635 |
| CVE-2022-32189 | stdlib | HIGH | 1.18.1 | 1.17.13, 1.18.5 | https://avd.aquasec.com/nvd/cve-2022-32189 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.1 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.1 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.1 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo gloo-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-envoy-wrapper:1.13.0 (alpine 3.15.0)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/envoyinit
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.1 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-28131 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-28131 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-29804 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-29804 |
| CVE-2022-30580 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30580 |
| CVE-2022-30630 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30630 |
| CVE-2022-30631 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30631 |
| CVE-2022-30632 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30632 |
| CVE-2022-30633 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30633 |
| CVE-2022-30634 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30634 |
| CVE-2022-30635 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30635 |
| CVE-2022-32189 | stdlib | HIGH | 1.18.1 | 1.17.13, 1.18.5 | https://avd.aquasec.com/nvd/cve-2022-32189 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.1 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.1 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.1 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo ingress image
Vulnerabilities Listed for quay.io/solo-io/ingress:1.13.0 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/ingress
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.1 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-28131 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-28131 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-29804 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-29804 |
| CVE-2022-30580 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30580 |
| CVE-2022-30630 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30630 |
| CVE-2022-30631 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30631 |
| CVE-2022-30632 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30632 |
| CVE-2022-30633 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30633 |
| CVE-2022-30634 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30634 |
| CVE-2022-30635 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30635 |
| CVE-2022-32189 | stdlib | HIGH | 1.18.1 | 1.17.13, 1.18.5 | https://avd.aquasec.com/nvd/cve-2022-32189 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.1 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.1 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.1 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo sds image
Vulnerabilities Listed for quay.io/solo-io/sds:1.13.0 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/sds
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.2.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2023-39325 | golang.org/x/net | HIGH | v0.2.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.40.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
| CVE-2023-24538 | stdlib | CRITICAL | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-27664 | stdlib | HIGH | 1.18.1 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-28131 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-28131 |
| CVE-2022-2879 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-29804 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-29804 |
| CVE-2022-30580 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30580 |
| CVE-2022-30630 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30630 |
| CVE-2022-30631 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30631 |
| CVE-2022-30632 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30632 |
| CVE-2022-30633 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30633 |
| CVE-2022-30634 | stdlib | HIGH | 1.18.1 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30634 |
| CVE-2022-30635 | stdlib | HIGH | 1.18.1 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30635 |
| CVE-2022-32189 | stdlib | HIGH | 1.18.1 | 1.17.13, 1.18.5 | https://avd.aquasec.com/nvd/cve-2022-32189 |
| CVE-2022-41715 | stdlib | HIGH | 1.18.1 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.18.1 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.18.1 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.18.1 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.18.1 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.18.1 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.18.1 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.18.1 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.18.1 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.18.1 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.18.1 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo kubectl image
Vulnerabilities Listed for quay.io/solo-io/kubectl:1.13.0 (alpine 3.15.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/kubectl
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-24538 | stdlib | CRITICAL | 1.16.15 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24538 |
| CVE-2023-24540 | stdlib | CRITICAL | 1.16.15 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24540 |
| CVE-2022-24675 | stdlib | HIGH | 1.16.15 | 1.17.9, 1.18.1 | https://avd.aquasec.com/nvd/cve-2022-24675 |
| CVE-2022-27664 | stdlib | HIGH | 1.16.15 | 1.18.6, 1.19.1 | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-28131 | stdlib | HIGH | 1.16.15 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-28131 |
| CVE-2022-28327 | stdlib | HIGH | 1.16.15 | 1.17.9, 1.18.1 | https://avd.aquasec.com/nvd/cve-2022-28327 |
| CVE-2022-2879 | stdlib | HIGH | 1.16.15 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2879 |
| CVE-2022-2880 | stdlib | HIGH | 1.16.15 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-2880 |
| CVE-2022-29804 | stdlib | HIGH | 1.16.15 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-29804 |
| CVE-2022-30580 | stdlib | HIGH | 1.16.15 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30580 |
| CVE-2022-30630 | stdlib | HIGH | 1.16.15 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30630 |
| CVE-2022-30631 | stdlib | HIGH | 1.16.15 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30631 |
| CVE-2022-30632 | stdlib | HIGH | 1.16.15 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30632 |
| CVE-2022-30633 | stdlib | HIGH | 1.16.15 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30633 |
| CVE-2022-30634 | stdlib | HIGH | 1.16.15 | 1.17.11, 1.18.3 | https://avd.aquasec.com/nvd/cve-2022-30634 |
| CVE-2022-30635 | stdlib | HIGH | 1.16.15 | 1.17.12, 1.18.4 | https://avd.aquasec.com/nvd/cve-2022-30635 |
| CVE-2022-32189 | stdlib | HIGH | 1.16.15 | 1.17.13, 1.18.5 | https://avd.aquasec.com/nvd/cve-2022-32189 |
| CVE-2022-41715 | stdlib | HIGH | 1.16.15 | 1.18.7, 1.19.2 | https://avd.aquasec.com/nvd/cve-2022-41715 |
| CVE-2022-41716 | stdlib | HIGH | 1.16.15 | 1.18.8, 1.19.3 | https://avd.aquasec.com/nvd/cve-2022-41716 |
| CVE-2022-41720 | stdlib | HIGH | 1.16.15 | 1.18.9, 1.19.4 | https://avd.aquasec.com/nvd/cve-2022-41720 |
| CVE-2022-41722 | stdlib | HIGH | 1.16.15 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41722 |
| CVE-2022-41723 | stdlib | HIGH | 1.16.15 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-41724 | stdlib | HIGH | 1.16.15 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41724 |
| CVE-2022-41725 | stdlib | HIGH | 1.16.15 | 1.19.6, 1.20.1 | https://avd.aquasec.com/nvd/cve-2022-41725 |
| CVE-2023-24534 | stdlib | HIGH | 1.16.15 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24534 |
| CVE-2023-24536 | stdlib | HIGH | 1.16.15 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24536 |
| CVE-2023-24537 | stdlib | HIGH | 1.16.15 | 1.19.8, 1.20.3 | https://avd.aquasec.com/nvd/cve-2023-24537 |
| CVE-2023-24539 | stdlib | HIGH | 1.16.15 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-24539 |
| CVE-2023-29400 | stdlib | HIGH | 1.16.15 | 1.19.9, 1.20.4 | https://avd.aquasec.com/nvd/cve-2023-29400 |
| CVE-2023-29403 | stdlib | HIGH | 1.16.15 | 1.19.10, 1.20.5 | https://avd.aquasec.com/nvd/cve-2023-29403 |
| CVE-2023-39325 | stdlib | HIGH | 1.16.15 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
| CVE-2023-45283 | stdlib | HIGH | 1.16.15 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
| CVE-2023-45287 | stdlib | HIGH | 1.16.15 | 1.20.0 | https://avd.aquasec.com/nvd/cve-2023-45287 |
| CVE-2023-45288 | stdlib | HIGH | 1.16.15 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |