Gloo Edge Enterprise results

Gloo container images are scanned using Trivy for HIGH and CRITICAL vulnerabilities. To learn more about how Solo.io detects, tracks, and remediates CVEs, see CVE lifecycle handling.

Latest 1.18.x Gloo Enterprise Release: 1.18.0

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.18.0 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.28.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.18.0 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.28.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.18.0 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.18.0 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.28.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.18.0 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.28.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.18.0 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.28.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.18.0 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.28.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.18.0 (ubuntu 22.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.18.0 (alpine 3.18.6)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.18.0 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.28.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Latest 1.17.x Gloo Enterprise Release: 1.17.4

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.17.4 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.25.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.17.4 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.25.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.17.4 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.17.4 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.25.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.17.4 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.25.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.17.4 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.25.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.17.4 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.25.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.17.4 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.17.4 (alpine 3.18.6)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.17.4 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.25.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
Release 1.17.3

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.17.3 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.25.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.17.3 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.25.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.17.3 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.17.3 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.25.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.17.3 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.25.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.17.3 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.25.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.17.3 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.25.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.17.3 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.17.3 (alpine 3.18.6)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.17.3 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.25.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
Release 1.17.2

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.17.2 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.25.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.17.2 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.25.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.17.2 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.17.2 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.25.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.17.2 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.25.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.17.2 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.25.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.17.2 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.25.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.17.2 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.17.2 (alpine 3.18.6)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.17.2 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.25.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
Release 1.17.1

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.17.1 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.25.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.17.1 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.25.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.17.1 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.17.1 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.25.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.17.1 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.25.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.17.1 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.25.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.17.1 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.25.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.17.1 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.17.1 (alpine 3.18.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45491 libexpat CRITICAL 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2024-45490 libexpat HIGH 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.17.1 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.25.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
Release 1.17.0

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.17.0 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.21.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.17.0 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.21.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.17.0 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.17.0 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.21.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.17.0 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.21.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.17.0 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.21.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.17.0 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.21.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.17.0 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.17.0 (alpine 3.18.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-2398 curl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 curl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398 libcurl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 libcurl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45491 libexpat CRITICAL 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2024-45490 libexpat HIGH 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.17.0 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.21.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Latest 1.16.x Gloo Enterprise Release: 1.16.15

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.15 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.15 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.15 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.15 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.15 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.15 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.15 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.15 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.16.15 (alpine 3.18.6)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.15 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
Release 1.16.14

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.14 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.14 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.14 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.14 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.14 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.14 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.14 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.14 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.14 (alpine 3.18.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45491 libexpat CRITICAL 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2024-45490 libexpat HIGH 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.14 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
Release 1.16.13

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.13 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.13 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.13 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.13 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.13 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.13 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.13 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.13 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.13 (alpine 3.18.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45491 libexpat CRITICAL 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2024-45490 libexpat HIGH 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.13 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
Release 1.16.12

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.12 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.12 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.12 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.12 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.12 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.12 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.12 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.12 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.12 (alpine 3.18.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-2398 curl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 curl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398 libcurl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 libcurl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45491 libexpat CRITICAL 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2024-45490 libexpat HIGH 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.12 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
Release 1.16.11

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.11 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.10 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.11 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.11 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.11 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.11 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.10 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.11 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.11 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.11 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.11 (alpine 3.18.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-2398 curl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 curl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398 libcurl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 libcurl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45491 libexpat CRITICAL 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2024-45490 libexpat HIGH 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.11 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
Release 1.16.10

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.10 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.10 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.10 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.10 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.10 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.10 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.10 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.10 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.10 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.10 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.10 (alpine 3.18.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-2398 curl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 curl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398 libcurl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 libcurl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45491 libexpat CRITICAL 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2024-45490 libexpat HIGH 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.10 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
Release 1.16.9

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.9 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.10 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.9 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.10 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.9 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.9 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.9 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.10 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.9 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.10 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.9 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.10 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.9 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.9 (alpine 3.18.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-2398 curl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 curl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398 libcurl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 libcurl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45491 libexpat CRITICAL 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2024-45490 libexpat HIGH 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.9 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
Release 1.16.8

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.8 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.8 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.8 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.8 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.8 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.8 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.8 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.8 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.8 (alpine 3.18.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-2398 curl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 curl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398 libcurl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 libcurl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45491 libexpat CRITICAL 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2024-45490 libexpat HIGH 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.8 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
Release 1.16.7

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.7 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.7 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.7 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.7 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.7 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.7 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.7 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.7 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.7 (alpine 3.18.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-2398 curl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 curl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398 libcurl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 libcurl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45491 libexpat CRITICAL 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2024-45490 libexpat HIGH 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.7 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
Release 1.16.6

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.6 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.6 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.6 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.6 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.6 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.6 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.6 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.6 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.6 (alpine 3.18.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-2398 curl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 curl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398 libcurl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 libcurl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45491 libexpat CRITICAL 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2024-45490 libexpat HIGH 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.6 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.16.5

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.5 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.8 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.8 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.5 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.8 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.8 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.5 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.5 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.5 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.8 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.8 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.5 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.8 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.8 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.5 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.8 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.8 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.5 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.5 (alpine 3.18.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-2398 curl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 curl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398 libcurl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 libcurl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45491 libexpat CRITICAL 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2024-45490 libexpat HIGH 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.5 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.16.4

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.4 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.8 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.8 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.4 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.8 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.8 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.4 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.4 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.4 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.8 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.8 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.4 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.8 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.8 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.4 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.8 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.8 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.4 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.4 (alpine 3.18.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-2398 curl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 curl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398 libcurl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 libcurl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45491 libexpat CRITICAL 2.6.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.6.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2024-28757 libexpat HIGH 2.6.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2024-45490 libexpat HIGH 2.6.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.4 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.16.3

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.3 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.3 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.3 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.3 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.3 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.3 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.3 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.3 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.3 (alpine 3.18.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-2398 curl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 curl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398 libcurl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 libcurl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45491 libexpat CRITICAL 2.6.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.6.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2024-28757 libexpat HIGH 2.6.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2024-45490 libexpat HIGH 2.6.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.3 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.16.2

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.2 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.2 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.2 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.2 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.2 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.2 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.2 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.2 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.2 (alpine 3.18.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-2398 curl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 curl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398 libcurl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 libcurl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45491 libexpat CRITICAL 2.6.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.6.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2024-28757 libexpat HIGH 2.6.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2024-45490 libexpat HIGH 2.6.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.2 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.16.1

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.1 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.6 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.6 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.1 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.6 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.6 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.1 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.1 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.1 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.6 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.6 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.1 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.6 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.6 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.1 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.6 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.6 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.1 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.1 (alpine 3.18.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-2398 curl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 curl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398 libcurl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 libcurl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45491 libexpat CRITICAL 2.5.0-r1 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.5.0-r1 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425 libexpat HIGH 2.5.0-r1 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r1 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2024-45490 libexpat HIGH 2.5.0-r1 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-25062 libxml2 HIGH 2.11.6-r0 2.11.7-r0 https://avd.aquasec.com/nvd/cve-2024-25062

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.1 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.16.0

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.16.0 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.6 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.6 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.16.0 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.6 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.6 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.16.0 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.16.0 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.7+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.16.0 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.6 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.6 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.16.0 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.6 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.6 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.16.0 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.6 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.6 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.16.0 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.16.0 (alpine 3.18.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-2398 curl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 curl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398 libcurl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 libcurl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45491 libexpat CRITICAL 2.5.0-r1 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.5.0-r1 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425 libexpat HIGH 2.5.0-r1 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r1 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2024-45490 libexpat HIGH 2.5.0-r1 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-25062 libxml2 HIGH 2.11.6-r0 2.11.7-r0 https://avd.aquasec.com/nvd/cve-2024-25062

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.16.0 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Latest 1.15.x Gloo Enterprise Release: 1.15.22

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.22 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.22 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.22 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.22 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.22 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.22 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.22 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.22 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.15.22 (alpine 3.18.6)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.22 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
Release 1.15.21

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.21 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.21 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.21 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.21 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.21 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.21 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.21 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.21 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.21 (alpine 3.18.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45491 libexpat CRITICAL 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2024-45490 libexpat HIGH 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.21 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
Release 1.15.20

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.20 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.20 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.20 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.20 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.20 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.20 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.20 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.20 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.20 (alpine 3.18.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-2398 curl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 curl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398 libcurl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 libcurl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45491 libexpat CRITICAL 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2024-45490 libexpat HIGH 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.20 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
Release 1.15.19

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.19 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.10 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.19 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.19 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.19 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.19 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.10 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.19 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.19 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.19 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.19 (alpine 3.18.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-2398 curl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 curl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398 libcurl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 libcurl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45491 libexpat CRITICAL 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2024-45490 libexpat HIGH 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.19 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
Release 1.15.18

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.18 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.10 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.18 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.10 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.18 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.18 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.18 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.10 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.18 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.10 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.18 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.10 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.18 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.18 (alpine 3.18.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-2398 curl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 curl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398 libcurl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 libcurl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45491 libexpat CRITICAL 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2024-45490 libexpat HIGH 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.18 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
Release 1.15.17

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.17 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.17 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.17 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.17 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.17 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.17 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.17 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.17 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.17 (alpine 3.18.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-2398 curl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 curl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398 libcurl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 libcurl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45491 libexpat CRITICAL 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2024-45490 libexpat HIGH 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.17 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
Release 1.15.16

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.16 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.16 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.16 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.16 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.16 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.16 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.16 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.16 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.16 (alpine 3.18.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-2398 curl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 curl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398 libcurl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 libcurl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45491 libexpat CRITICAL 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2024-45490 libexpat HIGH 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.16 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
Release 1.15.15

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.15 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.8 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.8 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.15 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.8 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.8 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.15 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.15 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.15 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.8 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.8 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.15 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.8 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.8 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.15 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.8 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.8 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.15 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.15 (alpine 3.18.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-2398 curl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 curl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398 libcurl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 libcurl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45491 libexpat CRITICAL 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2024-45490 libexpat HIGH 2.6.2-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.15 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.15.14

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.14 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.14 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.14 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.14 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.14 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.14 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.14 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.14 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.14 (alpine 3.18.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-2398 curl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 curl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398 libcurl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 libcurl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45491 libexpat CRITICAL 2.6.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.6.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2024-28757 libexpat HIGH 2.6.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2024-45490 libexpat HIGH 2.6.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.14 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.15.13

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.13 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.13 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.13 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.13 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.13 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.13 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.13 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.13 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.13 (alpine 3.18.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-2398 curl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 curl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398 libcurl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 libcurl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45491 libexpat CRITICAL 2.6.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.6.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2024-28757 libexpat HIGH 2.6.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2024-45490 libexpat HIGH 2.6.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.13 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.15.12

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.12 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.6 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.6 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.12 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.6 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.6 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.12 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.12 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.12 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.6 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.6 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.12 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.6 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.6 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.12 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.6 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.6 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.12 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.12 (alpine 3.18.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-2398 curl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 curl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398 libcurl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 libcurl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45491 libexpat CRITICAL 2.5.0-r1 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.5.0-r1 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425 libexpat HIGH 2.5.0-r1 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r1 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2024-45490 libexpat HIGH 2.5.0-r1 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-25062 libxml2 HIGH 2.11.6-r0 2.11.7-r0 https://avd.aquasec.com/nvd/cve-2024-25062

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.12 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.15.11

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.11 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.6 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.6 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.11 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.6 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.6 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.11 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.11 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.11 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.6 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.6 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.11 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.6 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.6 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.11 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.6 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.6 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.11 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.11 (alpine 3.18.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-2398 curl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 curl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398 libcurl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 libcurl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45491 libexpat CRITICAL 2.5.0-r1 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.5.0-r1 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425 libexpat HIGH 2.5.0-r1 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r1 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2024-45490 libexpat HIGH 2.5.0-r1 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-25062 libxml2 HIGH 2.11.6-r0 2.11.7-r0 https://avd.aquasec.com/nvd/cve-2024-25062

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.11 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.15.10

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.10 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.10 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.10 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.10 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.10 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.10 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.10 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.10 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.10 (alpine 3.18.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-2398 curl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 curl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398 libcurl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 libcurl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45491 libexpat CRITICAL 2.5.0-r1 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.5.0-r1 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425 libexpat HIGH 2.5.0-r1 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r1 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2024-45490 libexpat HIGH 2.5.0-r1 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2024-25062 libxml2 HIGH 2.11.6-r0 2.11.7-r0 https://avd.aquasec.com/nvd/cve-2024-25062

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.10 (alpine 3.17.6)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.17.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.21.5 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.21.5 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.15.9

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.9 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.15.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.20.12 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.20.12 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.9 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.15.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.20.12 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.20.12 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.9 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-24790 stdlib CRITICAL v1.20.10 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283 stdlib HIGH v1.20.10 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.10 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.9 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.15.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.20.10 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283 stdlib HIGH v1.20.10 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.10 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.9 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.15.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.20.12 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.20.12 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.9 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.15.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.20.12 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.20.12 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.9 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.15.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.20.12 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.20.12 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.9 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.9 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-2398 curl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 curl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398 libcurl HIGH 8.5.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 libcurl HIGH 8.5.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45491 libexpat CRITICAL 2.5.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.5.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2024-45490 libexpat HIGH 2.5.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.9 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.15.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.20.10 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283 stdlib HIGH v1.20.10 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.10 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.15.8

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.8 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.15.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.20.11 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.20.11 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.8 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.15.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.20.11 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.20.11 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.8 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-24790 stdlib CRITICAL v1.20.10 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283 stdlib HIGH v1.20.10 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.10 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.8 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.15.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.20.10 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283 stdlib HIGH v1.20.10 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.10 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.8 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.15.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.20.11 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.20.11 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.8 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.15.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.20.11 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.20.11 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.8 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.15.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.20.11 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288 stdlib HIGH v1.20.11 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.8 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.8 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-2398 curl HIGH 8.4.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 curl HIGH 8.4.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398 libcurl HIGH 8.4.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 libcurl HIGH 8.4.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45491 libexpat CRITICAL 2.5.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.5.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2024-45490 libexpat HIGH 2.5.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.8 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.15.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2024-24790 stdlib CRITICAL v1.20.10 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283 stdlib HIGH v1.20.10 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.10 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.15.7

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.7 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.12.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.14.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2024-24790 stdlib CRITICAL v1.20.10 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283 stdlib HIGH v1.20.10 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.10 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.7 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.12.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.14.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2024-24790 stdlib CRITICAL v1.20.10 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283 stdlib HIGH v1.20.10 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.10 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.7 (ubuntu 20.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-44487 libnghttp2-14 HIGH 1.40.0-1ubuntu0.1 1.40.0-1ubuntu0.2 https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-39325 golang.org/x/net HIGH v0.14.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2024-24790 stdlib CRITICAL v1.20.10 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283 stdlib HIGH v1.20.10 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.10 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.7 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.12.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.14.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2024-24790 stdlib CRITICAL v1.20.10 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283 stdlib HIGH v1.20.10 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.10 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.7 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.12.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.14.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2024-24790 stdlib CRITICAL v1.20.10 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283 stdlib HIGH v1.20.10 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.10 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.7 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.12.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.14.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2024-24790 stdlib CRITICAL v1.20.10 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283 stdlib HIGH v1.20.10 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.10 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.7 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.12.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.14.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2024-24790 stdlib CRITICAL v1.20.10 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283 stdlib HIGH v1.20.10 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.10 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.7 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.7 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-2398 curl HIGH 8.4.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 curl HIGH 8.4.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-2398 libcurl HIGH 8.4.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 libcurl HIGH 8.4.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45491 libexpat CRITICAL 2.5.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.5.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2024-45490 libexpat HIGH 2.5.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.7 (alpine 3.17.3)

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.12.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.14.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2024-24790 stdlib CRITICAL v1.20.10 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283 stdlib HIGH v1.20.10 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.10 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.15.6

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.15.6 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.11.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.10 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283 stdlib HIGH v1.20.10 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.10 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.6 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.11.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.10 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283 stdlib HIGH v1.20.10 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.10 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.6 (ubuntu 20.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-44487 libnghttp2-14 HIGH 1.40.0-1ubuntu0.1 1.40.0-1ubuntu0.2 https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.10 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283 stdlib HIGH v1.20.10 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.10 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.15.6 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.11.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.10 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283 stdlib HIGH v1.20.10 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.10 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.15.6 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.11.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.10 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283 stdlib HIGH v1.20.10 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.10 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.15.6 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.11.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.10 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283 stdlib HIGH v1.20.10 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.10 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.6 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.11.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.10 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283 stdlib HIGH v1.20.10 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.10 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.6 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.6 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-2398 curl HIGH 8.4.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 curl HIGH 8.4.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2024-2398 libcurl HIGH 8.4.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 libcurl HIGH 8.4.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45491 libexpat CRITICAL 2.5.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.5.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2024-45490 libexpat HIGH 2.5.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-43787 libx11 HIGH 1.8.4-r1 1.8.7-r0 https://avd.aquasec.com/nvd/cve-2023-43787

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.6 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.11.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.10 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45283 stdlib HIGH v1.20.10 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.10 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.15.5

Gloo Enterprise rate-limit-ee image

No Vulnerabilities Found for quay.io/solo-io/rate-limit-ee:1.15.5 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/rate-limit

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.5 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo

Gloo Enterprise gloo-ee-envoy-wrapper image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.5 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/envoyinit

Gloo Enterprise observability-ee image

No Vulnerabilities Found for quay.io/solo-io/observability-ee:1.15.5 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/observability

Gloo Enterprise extauth-ee image

No Vulnerabilities Found for quay.io/solo-io/extauth-ee:1.15.5 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/extauth

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed:1.15.5 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/gloo-fed

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.5 (ubuntu 20.04)

No Vulnerabilities Found for usr/local/bin/gloo-fed-apiserver

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.5 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

No Vulnerabilities Found for quay.io/solo-io/gloo-federation-console:1.15.5 (alpine 3.17.3)

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.5 (alpine 3.17.3)

No Vulnerabilities Found for usr/local/bin/gloo-fed-rbac-validating-webhook

Release 1.15.4

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.15.4 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.11.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325 stdlib HIGH v1.20.9 1.20.10, 1.21.3 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283 stdlib HIGH v1.20.9 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.9 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

No Vulnerabilities Found for quay.io/solo-io/gloo-ee:1.15.4 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.11.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325 stdlib HIGH v1.20.9 1.20.10, 1.21.3 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283 stdlib HIGH v1.20.9 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.9 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.4 (ubuntu 20.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-44487 libnghttp2-14 HIGH 1.40.0-1ubuntu0.1 1.40.0-1ubuntu0.2 https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325 stdlib HIGH v1.20.7 1.20.10, 1.21.3 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283 stdlib HIGH v1.20.7 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.15.4 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.11.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325 stdlib HIGH v1.20.7 1.20.10, 1.21.3 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283 stdlib HIGH v1.20.7 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.15.4 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.11.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325 stdlib HIGH v1.20.9 1.20.10, 1.21.3 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283 stdlib HIGH v1.20.9 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.9 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.15.4 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.11.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325 stdlib HIGH v1.20.9 1.20.10, 1.21.3 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283 stdlib HIGH v1.20.9 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.9 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver:1.15.4 (ubuntu 20.04)

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.11.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.9 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325 stdlib HIGH v1.20.9 1.20.10, 1.21.3 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283 stdlib HIGH v1.20.9 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.9 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.4 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.4 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-38545 curl CRITICAL 8.3.0-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2024-2398 curl HIGH 8.3.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 curl HIGH 8.3.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.3.0-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2024-2398 libcurl HIGH 8.3.0-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 libcurl HIGH 8.3.0-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45491 libexpat CRITICAL 2.5.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.5.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2024-45490 libexpat HIGH 2.5.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-43787 libx11 HIGH 1.8.4-r1 1.8.7-r0 https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r1 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.4 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.11-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.11.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325 stdlib HIGH v1.20.7 1.20.10, 1.21.3 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283 stdlib HIGH v1.20.7 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.15.3

Gloo Enterprise rate-limit-ee image

No scan found

Gloo Enterprise gloo-ee image

No scan found

Gloo Enterprise gloo-ee-envoy-wrapper image

No scan found

Gloo Enterprise observability-ee image

No scan found

Gloo Enterprise extauth-ee image

No scan found

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

No scan found

Gloo Enterprise gloo-fed-apiserver image

No scan found

Gloo Enterprise gloo-fed-apiserver-envoy image

No scan found

Gloo Enterprise gloo-federation-console image

No scan found

Gloo Enterprise gloo-fed-rbac-validating-webhook image

No scan found

Release 1.15.2

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.15.2 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.11.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.8 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325 stdlib HIGH v1.20.8 1.20.10, 1.21.3 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283 stdlib HIGH v1.20.8 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.8 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.15.2 (alpine 3.17.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.11.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.8 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325 stdlib HIGH v1.20.8 1.20.10, 1.21.3 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283 stdlib HIGH v1.20.8 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.8 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.2 (alpine 3.17.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-32002 git CRITICAL 2.38.5-r0 2.39.5-r0 https://avd.aquasec.com/nvd/cve-2024-32002
CVE-2024-32004 git HIGH 2.38.5-r0 2.39.5-r0 https://avd.aquasec.com/nvd/cve-2024-32004
CVE-2024-32465 git HIGH 2.38.5-r0 2.39.5-r0 https://avd.aquasec.com/nvd/cve-2024-32465
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.2.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 libcurl HIGH 8.2.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398 libcurl HIGH 8.2.1-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 libcurl HIGH 8.2.1-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45491 libexpat CRITICAL 2.5.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.5.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2024-45490 libexpat HIGH 2.5.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r1 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325 stdlib HIGH v1.20.7 1.20.10, 1.21.3 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283 stdlib HIGH v1.20.7 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.15.2 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.11.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325 stdlib HIGH v1.20.7 1.20.10, 1.21.3 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283 stdlib HIGH v1.20.7 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.15.2 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.11.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.8 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325 stdlib HIGH v1.20.8 1.20.10, 1.21.3 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283 stdlib HIGH v1.20.8 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.8 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.15.2 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.11.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.8 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325 stdlib HIGH v1.20.8 1.20.10, 1.21.3 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283 stdlib HIGH v1.20.8 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.8 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.15.2 (alpine 3.17.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.11.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.8 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325 stdlib HIGH v1.20.8 1.20.10, 1.21.3 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283 stdlib HIGH v1.20.8 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.8 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.2 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.2 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-38545 curl CRITICAL 8.2.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 curl HIGH 8.2.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398 curl HIGH 8.2.1-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 curl HIGH 8.2.1-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.2.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 libcurl HIGH 8.2.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398 libcurl HIGH 8.2.1-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 libcurl HIGH 8.2.1-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45491 libexpat CRITICAL 2.5.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.5.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2024-45490 libexpat HIGH 2.5.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-4863 libwebp HIGH 1.2.4-r2 1.2.4-r3 https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2023-43787 libx11 HIGH 1.8.4-r1 1.8.7-r0 https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r1 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.2 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.11.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325 stdlib HIGH v1.20.7 1.20.10, 1.21.3 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283 stdlib HIGH v1.20.7 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.15.1

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.15.1 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.11.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325 stdlib HIGH v1.20.7 1.20.10, 1.21.3 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283 stdlib HIGH v1.20.7 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.15.1 (alpine 3.17.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.11.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325 stdlib HIGH v1.20.7 1.20.10, 1.21.3 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283 stdlib HIGH v1.20.7 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.1 (alpine 3.17.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-32002 git CRITICAL 2.38.5-r0 2.39.5-r0 https://avd.aquasec.com/nvd/cve-2024-32002
CVE-2024-32004 git HIGH 2.38.5-r0 2.39.5-r0 https://avd.aquasec.com/nvd/cve-2024-32004
CVE-2024-32465 git HIGH 2.38.5-r0 2.39.5-r0 https://avd.aquasec.com/nvd/cve-2024-32465
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.2.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 libcurl HIGH 8.2.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398 libcurl HIGH 8.2.1-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 libcurl HIGH 8.2.1-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45491 libexpat CRITICAL 2.5.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.5.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2024-45490 libexpat HIGH 2.5.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r1 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325 stdlib HIGH v1.20.7 1.20.10, 1.21.3 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283 stdlib HIGH v1.20.7 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.15.1 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.11.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325 stdlib HIGH v1.20.7 1.20.10, 1.21.3 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283 stdlib HIGH v1.20.7 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.15.1 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.11.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325 stdlib HIGH v1.20.7 1.20.10, 1.21.3 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283 stdlib HIGH v1.20.7 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.15.1 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.11.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325 stdlib HIGH v1.20.7 1.20.10, 1.21.3 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283 stdlib HIGH v1.20.7 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.15.1 (alpine 3.17.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.11.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325 stdlib HIGH v1.20.7 1.20.10, 1.21.3 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283 stdlib HIGH v1.20.7 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.1 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.1 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-38545 curl CRITICAL 8.2.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 curl HIGH 8.2.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398 curl HIGH 8.2.1-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 curl HIGH 8.2.1-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.2.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 libcurl HIGH 8.2.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398 libcurl HIGH 8.2.1-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 libcurl HIGH 8.2.1-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45491 libexpat CRITICAL 2.5.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.5.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2024-45490 libexpat HIGH 2.5.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-4863 libwebp HIGH 1.2.4-r2 1.2.4-r3 https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2023-43787 libx11 HIGH 1.8.4-r1 1.8.7-r0 https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r1 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.1 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.11.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325 stdlib HIGH v1.20.7 1.20.10, 1.21.3 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283 stdlib HIGH v1.20.7 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288
Release 1.15.0

Gloo Enterprise rate-limit-ee image

Vulnerabilities Listed for quay.io/solo-io/rate-limit-ee:1.15.0 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/rate-limit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.11.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325 stdlib HIGH v1.20.7 1.20.10, 1.21.3 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283 stdlib HIGH v1.20.7 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee:1.15.0 (alpine 3.17.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-36621 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36621
CVE-2024-36623 github.com/moby/moby HIGH v24.0.4+incompatible 26.0.0 https://avd.aquasec.com/nvd/cve-2024-36623
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.11.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325 stdlib HIGH v1.20.7 1.20.10, 1.21.3 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283 stdlib HIGH v1.20.7 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-ee-envoy-wrapper image

Vulnerabilities Listed for quay.io/solo-io/gloo-ee-envoy-wrapper:1.15.0 (alpine 3.17.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-32002 git CRITICAL 2.38.5-r0 2.39.5-r0 https://avd.aquasec.com/nvd/cve-2024-32002
CVE-2024-32004 git HIGH 2.38.5-r0 2.39.5-r0 https://avd.aquasec.com/nvd/cve-2024-32004
CVE-2024-32465 git HIGH 2.38.5-r0 2.39.5-r0 https://avd.aquasec.com/nvd/cve-2024-32465
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.2.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 libcurl HIGH 8.2.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398 libcurl HIGH 8.2.1-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 libcurl HIGH 8.2.1-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45491 libexpat CRITICAL 2.5.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.5.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2024-45490 libexpat HIGH 2.5.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r1 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325 stdlib HIGH v1.20.7 1.20.10, 1.21.3 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283 stdlib HIGH v1.20.7 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise observability-ee image

Vulnerabilities Listed for quay.io/solo-io/observability-ee:1.15.0 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/observability

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.11.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325 stdlib HIGH v1.20.7 1.20.10, 1.21.3 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283 stdlib HIGH v1.20.7 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise extauth-ee image

Vulnerabilities Listed for quay.io/solo-io/extauth-ee:1.15.0 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/extauth

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.11.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325 stdlib HIGH v1.20.7 1.20.10, 1.21.3 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283 stdlib HIGH v1.20.7 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise caching-ee image

No scan found

Gloo Enterprise discovery-ee image

No scan found

Gloo Enterprise gloo-fed image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed:1.15.0 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.11.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325 stdlib HIGH v1.20.7 1.20.10, 1.21.3 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283 stdlib HIGH v1.20.7 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-apiserver:1.15.0 (alpine 3.17.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-apiserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.11.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325 stdlib HIGH v1.20.7 1.20.10, 1.21.3 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283 stdlib HIGH v1.20.7 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288

Gloo Enterprise gloo-fed-apiserver-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-fed-apiserver-envoy:1.15.0 (ubuntu 18.04)

Gloo Enterprise gloo-federation-console image

Vulnerabilities Listed for quay.io/solo-io/gloo-federation-console:1.15.0 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-38545 curl CRITICAL 8.2.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 curl HIGH 8.2.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398 curl HIGH 8.2.1-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 curl HIGH 8.2.1-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-38545 libcurl CRITICAL 8.2.1-r0 8.4.0-r0 https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2023-38039 libcurl HIGH 8.2.1-r0 8.3.0-r0 https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2024-2398 libcurl HIGH 8.2.1-r0 8.7.1-r0 https://avd.aquasec.com/nvd/cve-2024-2398
CVE-2024-6197 libcurl HIGH 8.2.1-r0 8.9.0-r0 https://avd.aquasec.com/nvd/cve-2024-6197
CVE-2024-45491 libexpat CRITICAL 2.5.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45491
CVE-2024-45492 libexpat CRITICAL 2.5.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45492
CVE-2023-52425 libexpat HIGH 2.5.0-r0 2.6.0-r0 https://avd.aquasec.com/nvd/cve-2023-52425
CVE-2024-28757 libexpat HIGH 2.5.0-r0 2.6.2-r0 https://avd.aquasec.com/nvd/cve-2024-28757
CVE-2024-45490 libexpat HIGH 2.5.0-r0 2.6.3-r0 https://avd.aquasec.com/nvd/cve-2024-45490
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-4863 libwebp HIGH 1.2.4-r2 1.2.4-r3 https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2023-43787 libx11 HIGH 1.8.4-r1 1.8.7-r0 https://avd.aquasec.com/nvd/cve-2023-43787
CVE-2023-44487 nghttp2-libs HIGH 1.51.0-r1 1.51.0-r2 https://avd.aquasec.com/nvd/cve-2023-44487

Gloo Enterprise gloo-fed-rbac-validating-webhook image

Vulnerabilities Listed for quay.io/solo-io/gloo-fed-rbac-validating-webhook:1.15.0 (alpine 3.17.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2023-5363 libcrypto3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363 libssl3 HIGH 3.0.10-r0 3.0.12-r0 https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/gloo-fed-rbac-validating-webhook

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2024-45337 golang.org/x/crypto CRITICAL v0.11.0 0.31.0 https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2023-39325 golang.org/x/net HIGH v0.12.0 0.17.0 https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257g google.golang.org/grpc HIGH v1.56.1 1.56.3, 1.57.1, 1.58.3 https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790 stdlib CRITICAL v1.20.7 1.21.11, 1.22.4 https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325 stdlib HIGH v1.20.7 1.20.10, 1.21.3 https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283 stdlib HIGH v1.20.7 1.20.11, 1.21.4, 1.20.12, 1.21.5 https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288 stdlib HIGH v1.20.7 1.21.9, 1.22.2 https://avd.aquasec.com/nvd/cve-2023-45288