Gloo Edge Enterprise results
Gloo container images are scanned using Trivy for HIGH and CRITICAL vulnerabilities. To learn more about how Solo.io detects, tracks, and remediates CVEs, see CVE lifecycle handling.
Latest 1.18.x Gloo Enterprise Release: 1.18.0
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.18.0 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.28.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.18.0 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.28.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-ee-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.18.0 (ubuntu 20.04)
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.18.0 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.28.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.18.0 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.28.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.18.0 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.28.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.18.0 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.28.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.18.0 (ubuntu 22.04)
Gloo Enterprise gloo-federation-console image
No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.18.0 (alpine 3.18.6)
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.18.0 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.28.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Latest 1.17.x Gloo Enterprise Release: 1.17.4
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.17.4 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.17.4 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-ee-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.17.4 (ubuntu 20.04)
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.17.4 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.17.4 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.17.4 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.17.4 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.17.4 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.17.4 (alpine 3.18.6)
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.17.4 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Release 1.17.3
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.17.3 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.17.3 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-ee-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.17.3 (ubuntu 20.04)
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.17.3 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.17.3 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.17.3 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.17.3 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.17.3 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.17.3 (alpine 3.18.6)
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.17.3 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Release 1.17.2
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.17.2 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.17.2 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-ee-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.17.2 (ubuntu 20.04)
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.17.2 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.17.2 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.17.2 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.17.2 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.17.2 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.17.2 (alpine 3.18.6)
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.17.2 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Release 1.17.1
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.17.1 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.17.1 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-ee-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.17.1 (ubuntu 20.04)
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.17.1 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.17.1 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.17.1 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.17.1 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.17.1 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.17.1 (alpine 3.18.6)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45491 | libexpat | CRITICAL | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2024-45490 | libexpat | HIGH | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.17.1 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Release 1.17.0
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.17.0 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.21.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.17.0 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.21.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-ee-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.17.0 (ubuntu 20.04)
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.17.0 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.21.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.17.0 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.21.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.17.0 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.21.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.17.0 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.21.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.17.0 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.17.0 (alpine 3.18.6)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-2398 | curl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-2398 | libcurl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-45491 | libexpat | CRITICAL | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2024-45490 | libexpat | HIGH | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.17.0 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.21.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Latest 1.16.x Gloo Enterprise Release: 1.16.15
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.15 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.15 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-ee-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.15 (ubuntu 20.04)
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.15 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.15 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.15 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.15 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.15 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.16.15 (alpine 3.18.6)
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.15 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Release 1.16.14
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.14 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.14 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-ee-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.14 (ubuntu 20.04)
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.14 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.14 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.14 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.14 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.14 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.14 (alpine 3.18.6)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45491 | libexpat | CRITICAL | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2024-45490 | libexpat | HIGH | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.14 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Release 1.16.13
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.13 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.13 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-ee-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.13 (ubuntu 20.04)
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.13 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.13 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.13 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.13 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.13 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.13 (alpine 3.18.6)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45491 | libexpat | CRITICAL | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2024-45490 | libexpat | HIGH | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.13 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Release 1.16.12
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.12 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.12 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-ee-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.12 (ubuntu 20.04)
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.12 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.12 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.12 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.12 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.12 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.12 (alpine 3.18.6)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-2398 | curl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-2398 | libcurl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-45491 | libexpat | CRITICAL | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2024-45490 | libexpat | HIGH | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.12 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Release 1.16.11
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.11 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.11 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-ee-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.11 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.11 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.11 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.11 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.11 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.11 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.11 (alpine 3.18.6)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-2398 | curl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-2398 | libcurl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-45491 | libexpat | CRITICAL | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2024-45490 | libexpat | HIGH | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.11 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Release 1.16.10
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.10 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.10 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-ee-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.10 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.10 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.10 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.10 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.10 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.10 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.10 (alpine 3.18.6)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-2398 | curl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-2398 | libcurl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-45491 | libexpat | CRITICAL | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2024-45490 | libexpat | HIGH | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.10 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Release 1.16.9
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.9 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.9 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise gloo-ee-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.9 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.9 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.9 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.9 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.9 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.9 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.9 (alpine 3.18.6)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-2398 | curl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-2398 | libcurl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-45491 | libexpat | CRITICAL | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2024-45490 | libexpat | HIGH | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.9 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Release 1.16.8
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.8 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.8 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise gloo-ee-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.8 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.8 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.8 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.8 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.8 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.8 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.8 (alpine 3.18.6)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-2398 | curl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-2398 | libcurl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-45491 | libexpat | CRITICAL | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2024-45490 | libexpat | HIGH | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.8 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Release 1.16.7
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.7 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.7 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise gloo-ee-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.7 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.7 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.7 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.7 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.7 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.7 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.7 (alpine 3.18.6)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-2398 | curl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-2398 | libcurl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-45491 | libexpat | CRITICAL | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2024-45490 | libexpat | HIGH | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.7 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Release 1.16.6
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.6 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.6 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise gloo-ee-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.6 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.6 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.6 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.6 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.6 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.6 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.6 (alpine 3.18.6)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-2398 | curl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-2398 | libcurl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-45491 | libexpat | CRITICAL | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2024-45490 | libexpat | HIGH | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.6 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.16.5
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.5 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.8 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.8 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.5 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.8 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.8 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.5 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.5 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.5 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.8 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.8 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.5 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.8 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.8 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.5 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.8 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.8 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.5 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.5 (alpine 3.18.6)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-2398 | curl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-2398 | libcurl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-45491 | libexpat | CRITICAL | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2024-45490 | libexpat | HIGH | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.5 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.16.4
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.4 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.8 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.8 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.4 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.8 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.8 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.4 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.4 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.4 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.8 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.8 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.4 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.8 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.8 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.4 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.8 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.8 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.4 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.4 (alpine 3.18.6)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-2398 | curl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-2398 | libcurl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-45491 | libexpat | CRITICAL | 2.6.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.6.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2024-28757 | libexpat | HIGH | 2.6.0-r0 | 2.6.2-r0 | https://avd.aquasec.com/nvd/cve-2024-28757 |
CVE-2024-45490 | libexpat | HIGH | 2.6.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.4 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.16.3
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.3 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.3 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.3 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.3 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.3 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.3 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.3 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.3 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.3 (alpine 3.18.6)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-2398 | curl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-2398 | libcurl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-45491 | libexpat | CRITICAL | 2.6.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.6.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2024-28757 | libexpat | HIGH | 2.6.0-r0 | 2.6.2-r0 | https://avd.aquasec.com/nvd/cve-2024-28757 |
CVE-2024-45490 | libexpat | HIGH | 2.6.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.3 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.16.2
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.2 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.2 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.2 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.2 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.2 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.2 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.2 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.2 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.2 (alpine 3.18.6)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-2398 | curl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-2398 | libcurl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-45491 | libexpat | CRITICAL | 2.6.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.6.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2024-28757 | libexpat | HIGH | 2.6.0-r0 | 2.6.2-r0 | https://avd.aquasec.com/nvd/cve-2024-28757 |
CVE-2024-45490 | libexpat | HIGH | 2.6.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.2 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.16.1
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.1 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.6 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.6 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.1 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.6 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.6 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.1 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.1 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.1 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.6 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.6 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.1 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.6 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.6 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.1 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.6 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.6 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.1 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.1 (alpine 3.18.6)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-2398 | curl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-2398 | libcurl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-45491 | libexpat | CRITICAL | 2.5.0-r1 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.5.0-r1 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2023-52425 | libexpat | HIGH | 2.5.0-r1 | 2.6.0-r0 | https://avd.aquasec.com/nvd/cve-2023-52425 |
CVE-2024-28757 | libexpat | HIGH | 2.5.0-r1 | 2.6.2-r0 | https://avd.aquasec.com/nvd/cve-2024-28757 |
CVE-2024-45490 | libexpat | HIGH | 2.5.0-r1 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
CVE-2024-25062 | libxml2 | HIGH | 2.11.6-r0 | 2.11.7-r0 | https://avd.aquasec.com/nvd/cve-2024-25062 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.1 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.16.0
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.0 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.6 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.6 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.0 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.6 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.6 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.0 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.0 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.7+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.0 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.6 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.6 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.0 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.6 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.6 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.0 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.6 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.6 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.0 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.0 (alpine 3.18.5)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-2398 | curl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-2398 | libcurl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-45491 | libexpat | CRITICAL | 2.5.0-r1 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.5.0-r1 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2023-52425 | libexpat | HIGH | 2.5.0-r1 | 2.6.0-r0 | https://avd.aquasec.com/nvd/cve-2023-52425 |
CVE-2024-28757 | libexpat | HIGH | 2.5.0-r1 | 2.6.2-r0 | https://avd.aquasec.com/nvd/cve-2024-28757 |
CVE-2024-45490 | libexpat | HIGH | 2.5.0-r1 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
CVE-2024-25062 | libxml2 | HIGH | 2.11.6-r0 | 2.11.7-r0 | https://avd.aquasec.com/nvd/cve-2024-25062 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.0 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Latest 1.15.x Gloo Enterprise Release: 1.15.22
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.22 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.22 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-ee-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.22 (ubuntu 20.04)
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.22 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.22 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.22 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.22 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.22 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.15.22 (alpine 3.18.6)
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.22 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Release 1.15.21
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.21 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.21 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-ee-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.21 (ubuntu 20.04)
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.21 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.21 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.21 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.21 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.21 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.21 (alpine 3.18.6)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45491 | libexpat | CRITICAL | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2024-45490 | libexpat | HIGH | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.21 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Release 1.15.20
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.20 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.20 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise gloo-ee-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.20 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.20 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.20 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.20 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.20 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.20 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.20 (alpine 3.18.6)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-2398 | curl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-2398 | libcurl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-45491 | libexpat | CRITICAL | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2024-45490 | libexpat | HIGH | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.20 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Release 1.15.19
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.19 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.19 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-ee-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.19 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.19 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.19 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.19 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.19 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.19 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.19 (alpine 3.18.6)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-2398 | curl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-2398 | libcurl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-45491 | libexpat | CRITICAL | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2024-45490 | libexpat | HIGH | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.19 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Release 1.15.18
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.18 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.18 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise gloo-ee-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.18 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.18 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.18 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.18 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.18 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.18 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.18 (alpine 3.18.6)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-2398 | curl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-2398 | libcurl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-45491 | libexpat | CRITICAL | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2024-45490 | libexpat | HIGH | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.18 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Release 1.15.17
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.17 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.17 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise gloo-ee-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.17 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.17 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.17 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.17 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.17 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.17 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.17 (alpine 3.18.6)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-2398 | curl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-2398 | libcurl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-45491 | libexpat | CRITICAL | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2024-45490 | libexpat | HIGH | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.17 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Release 1.15.16
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.16 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.16 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise gloo-ee-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.16 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.16 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.16 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.16 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.16 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.16 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.16 (alpine 3.18.6)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-2398 | curl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-2398 | libcurl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-45491 | libexpat | CRITICAL | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2024-45490 | libexpat | HIGH | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.16 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
Release 1.15.15
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.15 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.8 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.8 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.15 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.8 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.8 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.15 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.15 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.15 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.8 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.8 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.15 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.8 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.8 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.15 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.8 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.8 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.15 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.15 (alpine 3.18.6)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-2398 | curl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-2398 | libcurl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-45491 | libexpat | CRITICAL | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2024-45490 | libexpat | HIGH | 2.6.2-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.15 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.15.14
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.14 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.14 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.14 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.14 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.14 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.14 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.14 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.14 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.14 (alpine 3.18.6)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-2398 | curl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-2398 | libcurl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-45491 | libexpat | CRITICAL | 2.6.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.6.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2024-28757 | libexpat | HIGH | 2.6.0-r0 | 2.6.2-r0 | https://avd.aquasec.com/nvd/cve-2024-28757 |
CVE-2024-45490 | libexpat | HIGH | 2.6.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.14 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.15.13
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.13 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.13 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.13 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.13 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.13 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.13 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.13 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.13 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.13 (alpine 3.18.6)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-2398 | curl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-2398 | libcurl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-45491 | libexpat | CRITICAL | 2.6.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.6.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2024-28757 | libexpat | HIGH | 2.6.0-r0 | 2.6.2-r0 | https://avd.aquasec.com/nvd/cve-2024-28757 |
CVE-2024-45490 | libexpat | HIGH | 2.6.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.13 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.15.12
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.12 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.6 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.6 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.12 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.6 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.6 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.12 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.12 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.12 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.6 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.6 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.12 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.6 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.6 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.12 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.6 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.6 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.12 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.12 (alpine 3.18.6)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-2398 | curl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-2398 | libcurl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-45491 | libexpat | CRITICAL | 2.5.0-r1 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.5.0-r1 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2023-52425 | libexpat | HIGH | 2.5.0-r1 | 2.6.0-r0 | https://avd.aquasec.com/nvd/cve-2023-52425 |
CVE-2024-28757 | libexpat | HIGH | 2.5.0-r1 | 2.6.2-r0 | https://avd.aquasec.com/nvd/cve-2024-28757 |
CVE-2024-45490 | libexpat | HIGH | 2.5.0-r1 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
CVE-2024-25062 | libxml2 | HIGH | 2.11.6-r0 | 2.11.7-r0 | https://avd.aquasec.com/nvd/cve-2024-25062 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.12 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.15.11
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.11 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.6 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.6 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.11 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.6 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.6 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.11 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.11 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.11 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.6 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.6 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.11 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.6 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.6 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.11 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.6 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.6 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.11 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.11 (alpine 3.18.5)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-2398 | curl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-2398 | libcurl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-45491 | libexpat | CRITICAL | 2.5.0-r1 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.5.0-r1 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2023-52425 | libexpat | HIGH | 2.5.0-r1 | 2.6.0-r0 | https://avd.aquasec.com/nvd/cve-2023-52425 |
CVE-2024-28757 | libexpat | HIGH | 2.5.0-r1 | 2.6.2-r0 | https://avd.aquasec.com/nvd/cve-2024-28757 |
CVE-2024-45490 | libexpat | HIGH | 2.5.0-r1 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
CVE-2024-25062 | libxml2 | HIGH | 2.11.6-r0 | 2.11.7-r0 | https://avd.aquasec.com/nvd/cve-2024-25062 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.11 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.15.10
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.10 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.10 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.10 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.10 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.10 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.10 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.10 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.10 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.10 (alpine 3.18.5)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-2398 | curl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-2398 | libcurl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-45491 | libexpat | CRITICAL | 2.5.0-r1 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.5.0-r1 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2023-52425 | libexpat | HIGH | 2.5.0-r1 | 2.6.0-r0 | https://avd.aquasec.com/nvd/cve-2023-52425 |
CVE-2024-28757 | libexpat | HIGH | 2.5.0-r1 | 2.6.2-r0 | https://avd.aquasec.com/nvd/cve-2024-28757 |
CVE-2024-45490 | libexpat | HIGH | 2.5.0-r1 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
CVE-2024-25062 | libxml2 | HIGH | 2.11.6-r0 | 2.11.7-r0 | https://avd.aquasec.com/nvd/cve-2024-25062 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.10 (alpine 3.17.6)
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.17.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.5 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.5 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.15.9
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.9 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.15.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.12 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.20.12 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.9 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.15.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.12 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.20.12 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.9 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-24790 | stdlib | CRITICAL | v1.20.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45283 | stdlib | HIGH | v1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.9 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.15.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45283 | stdlib | HIGH | v1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.9 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.15.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.12 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.20.12 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.9 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.15.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.12 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.20.12 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.9 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.15.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.12 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.20.12 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.9 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.9 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-2398 | curl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-2398 | libcurl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-45491 | libexpat | CRITICAL | 2.5.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.5.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2023-52425 | libexpat | HIGH | 2.5.0-r0 | 2.6.0-r0 | https://avd.aquasec.com/nvd/cve-2023-52425 |
CVE-2024-28757 | libexpat | HIGH | 2.5.0-r0 | 2.6.2-r0 | https://avd.aquasec.com/nvd/cve-2024-28757 |
CVE-2024-45490 | libexpat | HIGH | 2.5.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.9 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.15.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45283 | stdlib | HIGH | v1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.15.8
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.8 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.15.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.11 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.20.11 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.8 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.15.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.11 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.20.11 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.8 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/envoyinit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-24790 | stdlib | CRITICAL | v1.20.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45283 | stdlib | HIGH | v1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.8 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.15.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45283 | stdlib | HIGH | v1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.8 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.15.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.11 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.20.11 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.8 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.15.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.11 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.20.11 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.8 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.15.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.11 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.20.11 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.8 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.8 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-2398 | curl | HIGH | 8.4.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.4.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-2398 | libcurl | HIGH | 8.4.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.4.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-45491 | libexpat | CRITICAL | 2.5.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.5.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2023-52425 | libexpat | HIGH | 2.5.0-r0 | 2.6.0-r0 | https://avd.aquasec.com/nvd/cve-2023-52425 |
CVE-2024-28757 | libexpat | HIGH | 2.5.0-r0 | 2.6.2-r0 | https://avd.aquasec.com/nvd/cve-2024-28757 |
CVE-2024-45490 | libexpat | HIGH | 2.5.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.8 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.15.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45283 | stdlib | HIGH | v1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.15.7
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.7 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.12.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.14.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45283 | stdlib | HIGH | v1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.7 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.12.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.14.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45283 | stdlib | HIGH | v1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.7 (ubuntu 20.04)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-44487 | libnghttp2-14 | HIGH | 1.40.0-1ubuntu0.1 | 1.40.0-1ubuntu0.2 | https://avd.aquasec.com/nvd/cve-2023-44487 |
Vulnerabilities Listed for usr/local/bin/envoyinit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-39325 | golang.org/x/net | HIGH | v0.14.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45283 | stdlib | HIGH | v1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.7 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.12.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.14.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45283 | stdlib | HIGH | v1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.7 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.12.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.14.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45283 | stdlib | HIGH | v1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.7 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.12.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.14.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45283 | stdlib | HIGH | v1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.7 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.12.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.14.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45283 | stdlib | HIGH | v1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.7 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.7 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-2398 | curl | HIGH | 8.4.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.4.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-2398 | libcurl | HIGH | 8.4.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.4.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-45491 | libexpat | CRITICAL | 2.5.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.5.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2023-52425 | libexpat | HIGH | 2.5.0-r0 | 2.6.0-r0 | https://avd.aquasec.com/nvd/cve-2023-52425 |
CVE-2024-28757 | libexpat | HIGH | 2.5.0-r0 | 2.6.2-r0 | https://avd.aquasec.com/nvd/cve-2024-28757 |
CVE-2024-45490 | libexpat | HIGH | 2.5.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.7 (alpine 3.17.3)
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.12.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.14.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45283 | stdlib | HIGH | v1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.15.6
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.15.6 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.11.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45283 | stdlib | HIGH | v1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.6 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.11.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45283 | stdlib | HIGH | v1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.6 (ubuntu 20.04)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-44487 | libnghttp2-14 | HIGH | 1.40.0-1ubuntu0.1 | 1.40.0-1ubuntu0.2 | https://avd.aquasec.com/nvd/cve-2023-44487 |
Vulnerabilities Listed for usr/local/bin/envoyinit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45283 | stdlib | HIGH | v1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.15.6 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.11.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45283 | stdlib | HIGH | v1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.15.6 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.11.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45283 | stdlib | HIGH | v1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.15.6 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.11.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45283 | stdlib | HIGH | v1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.6 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.11.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45283 | stdlib | HIGH | v1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.6 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.6 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-2398 | curl | HIGH | 8.4.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.4.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2024-2398 | libcurl | HIGH | 8.4.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.4.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-45491 | libexpat | CRITICAL | 2.5.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.5.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2023-52425 | libexpat | HIGH | 2.5.0-r0 | 2.6.0-r0 | https://avd.aquasec.com/nvd/cve-2023-52425 |
CVE-2024-28757 | libexpat | HIGH | 2.5.0-r0 | 2.6.2-r0 | https://avd.aquasec.com/nvd/cve-2024-28757 |
CVE-2024-45490 | libexpat | HIGH | 2.5.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-43787 | libx11 | HIGH | 1.8.4-r1 | 1.8.7-r0 | https://avd.aquasec.com/nvd/cve-2023-43787 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.6 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.11.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45283 | stdlib | HIGH | v1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.10 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.15.5
Gloo Enterprise rate-limit-ee image
No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.5 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/rate-limit
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.5 (ubuntu 20.04)
No Vulnerabilities Found for usr/local/bin/gloo
Gloo Enterprise gloo-ee-envoy-wrapper image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.5 (ubuntu 20.04)
No Vulnerabilities Found for usr/local/bin/envoyinit
Gloo Enterprise observability-ee image
No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.5 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/observability
Gloo Enterprise extauth-ee image
No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.5 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/extauth
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.5 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/gloo-fed
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.5 (ubuntu 20.04)
No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.5 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.15.5 (alpine 3.17.3)
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.5 (alpine 3.17.3)
No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook
Release 1.15.4
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.15.4 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.11.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-39325 | stdlib | HIGH | v1.20.9 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2023-45283 | stdlib | HIGH | v1.20.9 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.9 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee image
No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.4 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.11.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-39325 | stdlib | HIGH | v1.20.9 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2023-45283 | stdlib | HIGH | v1.20.9 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.9 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.4 (ubuntu 20.04)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-44487 | libnghttp2-14 | HIGH | 1.40.0-1ubuntu0.1 | 1.40.0-1ubuntu0.2 | https://avd.aquasec.com/nvd/cve-2023-44487 |
Vulnerabilities Listed for usr/local/bin/envoyinit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-39325 | stdlib | HIGH | v1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2023-45283 | stdlib | HIGH | v1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.15.4 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.11.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-39325 | stdlib | HIGH | v1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2023-45283 | stdlib | HIGH | v1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.15.4 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.11.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-39325 | stdlib | HIGH | v1.20.9 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2023-45283 | stdlib | HIGH | v1.20.9 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.9 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.15.4 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.11.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-39325 | stdlib | HIGH | v1.20.9 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2023-45283 | stdlib | HIGH | v1.20.9 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.9 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.4 (ubuntu 20.04)
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.11.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-39325 | stdlib | HIGH | v1.20.9 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2023-45283 | stdlib | HIGH | v1.20.9 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.9 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.4 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.4 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-38545 | curl | CRITICAL | 8.3.0-r0 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2024-2398 | curl | HIGH | 8.3.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.3.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-38545 | libcurl | CRITICAL | 8.3.0-r0 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2024-2398 | libcurl | HIGH | 8.3.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.3.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-45491 | libexpat | CRITICAL | 2.5.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.5.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2023-52425 | libexpat | HIGH | 2.5.0-r0 | 2.6.0-r0 | https://avd.aquasec.com/nvd/cve-2023-52425 |
CVE-2024-28757 | libexpat | HIGH | 2.5.0-r0 | 2.6.2-r0 | https://avd.aquasec.com/nvd/cve-2024-28757 |
CVE-2024-45490 | libexpat | HIGH | 2.5.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-43787 | libx11 | HIGH | 1.8.4-r1 | 1.8.7-r0 | https://avd.aquasec.com/nvd/cve-2023-43787 |
CVE-2023-44487 | nghttp2-libs | HIGH | 1.51.0-r1 | 1.51.0-r2 | https://avd.aquasec.com/nvd/cve-2023-44487 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.4 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.11-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.11.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-39325 | stdlib | HIGH | v1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2023-45283 | stdlib | HIGH | v1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.15.3
Gloo Enterprise rate-limit-ee image
No scan found
Gloo Enterprise gloo-ee image
No scan found
Gloo Enterprise gloo-ee-envoy-wrapper image
No scan found
Gloo Enterprise observability-ee image
No scan found
Gloo Enterprise extauth-ee image
No scan found
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
No scan found
Gloo Enterprise gloo-fed-apiserver image
No scan found
Gloo Enterprise gloo-fed-apiserver-envoy image
No scan found
Gloo Enterprise gloo-federation-console image
No scan found
Gloo Enterprise gloo-fed-rbac-validating-webhook image
No scan found
Release 1.15.2
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.15.2 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.11.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.8 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-39325 | stdlib | HIGH | v1.20.8 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2023-45283 | stdlib | HIGH | v1.20.8 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.8 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.15.2 (alpine 3.17.5)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.11.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.8 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-39325 | stdlib | HIGH | v1.20.8 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2023-45283 | stdlib | HIGH | v1.20.8 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.8 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.2 (alpine 3.17.5)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-32002 | git | CRITICAL | 2.38.5-r0 | 2.39.5-r0 | https://avd.aquasec.com/nvd/cve-2024-32002 |
CVE-2024-32004 | git | HIGH | 2.38.5-r0 | 2.39.5-r0 | https://avd.aquasec.com/nvd/cve-2024-32004 |
CVE-2024-32465 | git | HIGH | 2.38.5-r0 | 2.39.5-r0 | https://avd.aquasec.com/nvd/cve-2024-32465 |
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-38545 | libcurl | CRITICAL | 8.2.1-r0 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2023-38039 | libcurl | HIGH | 8.2.1-r0 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2024-2398 | libcurl | HIGH | 8.2.1-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.2.1-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-45491 | libexpat | CRITICAL | 2.5.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.5.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2023-52425 | libexpat | HIGH | 2.5.0-r0 | 2.6.0-r0 | https://avd.aquasec.com/nvd/cve-2023-52425 |
CVE-2024-28757 | libexpat | HIGH | 2.5.0-r0 | 2.6.2-r0 | https://avd.aquasec.com/nvd/cve-2024-28757 |
CVE-2024-45490 | libexpat | HIGH | 2.5.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-44487 | nghttp2-libs | HIGH | 1.51.0-r1 | 1.51.0-r2 | https://avd.aquasec.com/nvd/cve-2023-44487 |
Vulnerabilities Listed for usr/local/bin/envoyinit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-39325 | stdlib | HIGH | v1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2023-45283 | stdlib | HIGH | v1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.15.2 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.11.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-39325 | stdlib | HIGH | v1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2023-45283 | stdlib | HIGH | v1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.15.2 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.11.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.8 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-39325 | stdlib | HIGH | v1.20.8 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2023-45283 | stdlib | HIGH | v1.20.8 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.8 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.15.2 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.11.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.8 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-39325 | stdlib | HIGH | v1.20.8 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2023-45283 | stdlib | HIGH | v1.20.8 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.8 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.15.2 (alpine 3.17.5)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.11.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.8 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-39325 | stdlib | HIGH | v1.20.8 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2023-45283 | stdlib | HIGH | v1.20.8 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.8 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.2 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.2 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-38545 | curl | CRITICAL | 8.2.1-r0 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2023-38039 | curl | HIGH | 8.2.1-r0 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2024-2398 | curl | HIGH | 8.2.1-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.2.1-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-38545 | libcurl | CRITICAL | 8.2.1-r0 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2023-38039 | libcurl | HIGH | 8.2.1-r0 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2024-2398 | libcurl | HIGH | 8.2.1-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.2.1-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-45491 | libexpat | CRITICAL | 2.5.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.5.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2023-52425 | libexpat | HIGH | 2.5.0-r0 | 2.6.0-r0 | https://avd.aquasec.com/nvd/cve-2023-52425 |
CVE-2024-28757 | libexpat | HIGH | 2.5.0-r0 | 2.6.2-r0 | https://avd.aquasec.com/nvd/cve-2024-28757 |
CVE-2024-45490 | libexpat | HIGH | 2.5.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-4863 | libwebp | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2023-4863 |
CVE-2023-43787 | libx11 | HIGH | 1.8.4-r1 | 1.8.7-r0 | https://avd.aquasec.com/nvd/cve-2023-43787 |
CVE-2023-44487 | nghttp2-libs | HIGH | 1.51.0-r1 | 1.51.0-r2 | https://avd.aquasec.com/nvd/cve-2023-44487 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.2 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.11.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-39325 | stdlib | HIGH | v1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2023-45283 | stdlib | HIGH | v1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.15.1
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.15.1 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.11.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-39325 | stdlib | HIGH | v1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2023-45283 | stdlib | HIGH | v1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.15.1 (alpine 3.17.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.11.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-39325 | stdlib | HIGH | v1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2023-45283 | stdlib | HIGH | v1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.1 (alpine 3.17.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-32002 | git | CRITICAL | 2.38.5-r0 | 2.39.5-r0 | https://avd.aquasec.com/nvd/cve-2024-32002 |
CVE-2024-32004 | git | HIGH | 2.38.5-r0 | 2.39.5-r0 | https://avd.aquasec.com/nvd/cve-2024-32004 |
CVE-2024-32465 | git | HIGH | 2.38.5-r0 | 2.39.5-r0 | https://avd.aquasec.com/nvd/cve-2024-32465 |
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-38545 | libcurl | CRITICAL | 8.2.1-r0 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2023-38039 | libcurl | HIGH | 8.2.1-r0 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2024-2398 | libcurl | HIGH | 8.2.1-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.2.1-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-45491 | libexpat | CRITICAL | 2.5.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.5.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2023-52425 | libexpat | HIGH | 2.5.0-r0 | 2.6.0-r0 | https://avd.aquasec.com/nvd/cve-2023-52425 |
CVE-2024-28757 | libexpat | HIGH | 2.5.0-r0 | 2.6.2-r0 | https://avd.aquasec.com/nvd/cve-2024-28757 |
CVE-2024-45490 | libexpat | HIGH | 2.5.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-44487 | nghttp2-libs | HIGH | 1.51.0-r1 | 1.51.0-r2 | https://avd.aquasec.com/nvd/cve-2023-44487 |
Vulnerabilities Listed for usr/local/bin/envoyinit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-39325 | stdlib | HIGH | v1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2023-45283 | stdlib | HIGH | v1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.15.1 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.11.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-39325 | stdlib | HIGH | v1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2023-45283 | stdlib | HIGH | v1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.15.1 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.11.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-39325 | stdlib | HIGH | v1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2023-45283 | stdlib | HIGH | v1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.15.1 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.11.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-39325 | stdlib | HIGH | v1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2023-45283 | stdlib | HIGH | v1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.15.1 (alpine 3.17.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.11.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-39325 | stdlib | HIGH | v1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2023-45283 | stdlib | HIGH | v1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.1 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.1 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-38545 | curl | CRITICAL | 8.2.1-r0 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2023-38039 | curl | HIGH | 8.2.1-r0 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2024-2398 | curl | HIGH | 8.2.1-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.2.1-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-38545 | libcurl | CRITICAL | 8.2.1-r0 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2023-38039 | libcurl | HIGH | 8.2.1-r0 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2024-2398 | libcurl | HIGH | 8.2.1-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.2.1-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-45491 | libexpat | CRITICAL | 2.5.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.5.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2023-52425 | libexpat | HIGH | 2.5.0-r0 | 2.6.0-r0 | https://avd.aquasec.com/nvd/cve-2023-52425 |
CVE-2024-28757 | libexpat | HIGH | 2.5.0-r0 | 2.6.2-r0 | https://avd.aquasec.com/nvd/cve-2024-28757 |
CVE-2024-45490 | libexpat | HIGH | 2.5.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-4863 | libwebp | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2023-4863 |
CVE-2023-43787 | libx11 | HIGH | 1.8.4-r1 | 1.8.7-r0 | https://avd.aquasec.com/nvd/cve-2023-43787 |
CVE-2023-44487 | nghttp2-libs | HIGH | 1.51.0-r1 | 1.51.0-r2 | https://avd.aquasec.com/nvd/cve-2023-44487 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.1 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.11.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-39325 | stdlib | HIGH | v1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2023-45283 | stdlib | HIGH | v1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Release 1.15.0
Gloo Enterprise rate-limit-ee image
Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.15.0 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/rate-limit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.11.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-39325 | stdlib | HIGH | v1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2023-45283 | stdlib | HIGH | v1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.15.0 (alpine 3.17.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-36621 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36621 |
CVE-2024-36623 | github.com/moby/moby | HIGH | v24.0.4+incompatible | 26.0.0 | https://avd.aquasec.com/nvd/cve-2024-36623 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.11.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-39325 | stdlib | HIGH | v1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2023-45283 | stdlib | HIGH | v1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-ee-envoy-wrapper image
Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.0 (alpine 3.17.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-32002 | git | CRITICAL | 2.38.5-r0 | 2.39.5-r0 | https://avd.aquasec.com/nvd/cve-2024-32002 |
CVE-2024-32004 | git | HIGH | 2.38.5-r0 | 2.39.5-r0 | https://avd.aquasec.com/nvd/cve-2024-32004 |
CVE-2024-32465 | git | HIGH | 2.38.5-r0 | 2.39.5-r0 | https://avd.aquasec.com/nvd/cve-2024-32465 |
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-38545 | libcurl | CRITICAL | 8.2.1-r0 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2023-38039 | libcurl | HIGH | 8.2.1-r0 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2024-2398 | libcurl | HIGH | 8.2.1-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.2.1-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-45491 | libexpat | CRITICAL | 2.5.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.5.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2023-52425 | libexpat | HIGH | 2.5.0-r0 | 2.6.0-r0 | https://avd.aquasec.com/nvd/cve-2023-52425 |
CVE-2024-28757 | libexpat | HIGH | 2.5.0-r0 | 2.6.2-r0 | https://avd.aquasec.com/nvd/cve-2024-28757 |
CVE-2024-45490 | libexpat | HIGH | 2.5.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-44487 | nghttp2-libs | HIGH | 1.51.0-r1 | 1.51.0-r2 | https://avd.aquasec.com/nvd/cve-2023-44487 |
Vulnerabilities Listed for usr/local/bin/envoyinit
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-39325 | stdlib | HIGH | v1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2023-45283 | stdlib | HIGH | v1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise observability-ee image
Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.15.0 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/observability
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.11.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-39325 | stdlib | HIGH | v1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2023-45283 | stdlib | HIGH | v1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise extauth-ee image
Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.15.0 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/extauth
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.11.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-39325 | stdlib | HIGH | v1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2023-45283 | stdlib | HIGH | v1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise caching-ee image
No scan found
Gloo Enterprise discovery-ee image
No scan found
Gloo Enterprise gloo-fed image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.15.0 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo-fed
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.11.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-39325 | stdlib | HIGH | v1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2023-45283 | stdlib | HIGH | v1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.15.0 (alpine 3.17.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.11.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-39325 | stdlib | HIGH | v1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2023-45283 | stdlib | HIGH | v1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
Gloo Enterprise gloo-fed-apiserver-envoy image
No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.0 (ubuntu 18.04)
Gloo Enterprise gloo-federation-console image
Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.0 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-38545 | curl | CRITICAL | 8.2.1-r0 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2023-38039 | curl | HIGH | 8.2.1-r0 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2024-2398 | curl | HIGH | 8.2.1-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.2.1-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-38545 | libcurl | CRITICAL | 8.2.1-r0 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2023-38039 | libcurl | HIGH | 8.2.1-r0 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2024-2398 | libcurl | HIGH | 8.2.1-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.2.1-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-45491 | libexpat | CRITICAL | 2.5.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45491 |
CVE-2024-45492 | libexpat | CRITICAL | 2.5.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45492 |
CVE-2023-52425 | libexpat | HIGH | 2.5.0-r0 | 2.6.0-r0 | https://avd.aquasec.com/nvd/cve-2023-52425 |
CVE-2024-28757 | libexpat | HIGH | 2.5.0-r0 | 2.6.2-r0 | https://avd.aquasec.com/nvd/cve-2024-28757 |
CVE-2024-45490 | libexpat | HIGH | 2.5.0-r0 | 2.6.3-r0 | https://avd.aquasec.com/nvd/cve-2024-45490 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-4863 | libwebp | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2023-4863 |
CVE-2023-43787 | libx11 | HIGH | 1.8.4-r1 | 1.8.7-r0 | https://avd.aquasec.com/nvd/cve-2023-43787 |
CVE-2023-44487 | nghttp2-libs | HIGH | 1.51.0-r1 | 1.51.0-r2 | https://avd.aquasec.com/nvd/cve-2023-44487 |
Gloo Enterprise gloo-fed-rbac-validating-webhook image
Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.0 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.11.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.12.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.56.1 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2024-24790 | stdlib | CRITICAL | v1.20.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-39325 | stdlib | HIGH | v1.20.7 | 1.20.10, 1.21.3 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2023-45283 | stdlib | HIGH | v1.20.7 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 | https://avd.aquasec.com/nvd/cve-2023-45283 |
CVE-2023-45288 | stdlib | HIGH | v1.20.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |