Gloo container images are scanned using Trivy for HIGH and CRITICAL vulnerabilities. To learn more about how Solo.io detects, tracks, and remediates CVEs, see CVE lifecycle handling.

Security and CVE scan

Latest 2.6.x gloo mesh enterprise Release: 2.6.6

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.6.6 (alpine 3.18.9)

No Vulnerabilities Found for usr/local/bin/mgmt-server-linux-amd64

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.6.6 (alpine 3.18.9)

No Vulnerabilities Found for usr/local/bin/istiod-agent-linux-amd64

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.6 (ubuntu 24.04)

No Vulnerabilities Found for usr/local/bin/pilot-agent

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.6.6 (alpine 3.18.9)

No Vulnerabilities Found for usr/local/bin/spire-controller-linux-amd64

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.6.6 (alpine 3.18.9)

No Vulnerabilities Found for usr/local/bin/portal-server-linux-amd64

gloo mesh enterprise gloo-mesh-analyzer image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.6.6 (alpine 3.18.9)

No Vulnerabilities Found for usr/local/bin/analyzer-linux-amd64

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.6.6 (alpine 3.18.9)

No Vulnerabilities Found for usr/local/bin/agent-linux-amd64

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.6 (alpine 3.18.9)

No Vulnerabilities Found for usr/local/bin/istiod-agent-linux-amd64

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.6.6 (alpine 3.18.9)

No Vulnerabilities Found for usr/local/bin/apiserver-linux-amd64

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.6.6 (alpine 3.18.6)

gloo mesh enterprise gloo-otel-collector image

gloo mesh enterprise gloo-otel-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-otel-collector:2.6.6 (alpine 3.18.5)

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.13.21.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-37307github.com/cilium/ciliumHIGHv1.13.21.13.17, 1.14.12, 1.15.6https://avd.aquasec.com/nvd/cve-2024-37307
CVE-2024-41110github.com/docker/dockerCRITICALv25.0.5+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.21.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-24790stdlibCRITICAL1.22.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-34156stdlibHIGH1.22.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-insights:2.6.6 (alpine 3.18.9)

No Vulnerabilities Found for usr/local/bin/insights-linux-amd64

Release 2.6.5

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.6.5 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.5 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.5 (ubuntu 24.04)

Vulnerabilities Listed for usr/local/bin/pilot-agent

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv26.1.4+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.6.5 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.6.6 (alpine 3.18.9)

No Vulnerabilities Found for usr/local/bin/portal-server-linux-amd64

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.6 (ubuntu 24.04)

No Vulnerabilities Found for usr/local/bin/pilot-agent

Release 2.6.5

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.6.5 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.5 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.6.5 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.6.5 (alpine 3.18.6)

gloo mesh enterprise gloo-otel-collector image

gloo mesh enterprise gloo-otel-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-otel-collector:2.6.5 (alpine 3.18.5)

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.13.21.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-37307github.com/cilium/ciliumHIGHv1.13.21.13.17, 1.14.12, 1.15.6https://avd.aquasec.com/nvd/cve-2024-37307
CVE-2024-41110github.com/docker/dockerCRITICALv25.0.5+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.21.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-24790stdlibCRITICAL1.22.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-34156stdlibHIGH1.22.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-insights:2.6.5 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/insights-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156
Release 2.6.4

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.6.4 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.4 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.4 (ubuntu 24.04)

Vulnerabilities Listed for usr/local/bin/pilot-agent

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv26.1.4+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.6.4 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.6.5 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.5 (ubuntu 24.04)

Vulnerabilities Listed for usr/local/bin/pilot-agent

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv26.1.4+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.6.4 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.4 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.6.4 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.6.4 (alpine 3.18.6)

gloo mesh enterprise gloo-otel-collector image

gloo mesh enterprise gloo-otel-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-otel-collector:2.6.4 (alpine 3.18.5)

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.13.21.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-37307github.com/cilium/ciliumHIGHv1.13.21.13.17, 1.14.12, 1.15.6https://avd.aquasec.com/nvd/cve-2024-37307
CVE-2024-41110github.com/docker/dockerCRITICALv25.0.5+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.21.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-24790stdlibCRITICAL1.22.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-34156stdlibHIGH1.22.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-insights:2.6.4 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/insights-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156
Release 2.6.3

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.6.3 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.3 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.3 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.6.3 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.6.4 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.4 (ubuntu 24.04)

Vulnerabilities Listed for usr/local/bin/pilot-agent

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv26.1.4+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.6.3 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.3 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.6.3 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.6.3 (alpine 3.18.6)

gloo mesh enterprise gloo-otel-collector image

gloo mesh enterprise gloo-otel-controller image

No scan found

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-otel-collector:2.6.3 (alpine 3.18.5)

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.13.21.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-37307github.com/cilium/ciliumHIGHv1.13.21.13.17, 1.14.12, 1.15.6https://avd.aquasec.com/nvd/cve-2024-37307
CVE-2024-41110github.com/docker/dockerCRITICALv25.0.5+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.21.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-24790stdlibCRITICAL1.22.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-34156stdlibHIGH1.22.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-insights:2.6.3 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/insights-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156
Release 2.6.2

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.6.2 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.2 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.2 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.6.2 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.6.3 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.3 (ubuntu 20.04)

Release 2.6.2
Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.6.2 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.2 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.6.2 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.6.2 (alpine 3.18.6)

gloo mesh enterprise gloo-otel-collector image

gloo mesh enterprise gloo-otel-controller image

No scan found

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-otel-collector:2.6.2 (alpine 3.18.5)

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.13.21.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-37307github.com/cilium/ciliumHIGHv1.13.21.13.17, 1.14.12, 1.15.6https://avd.aquasec.com/nvd/cve-2024-37307
CVE-2024-41110github.com/docker/dockerCRITICALv25.0.5+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.21.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-24790stdlibCRITICAL1.22.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-34156stdlibHIGH1.22.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-insights:2.6.2 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/insights-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156
Release 2.6.1

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.6.1 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.1 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.1 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.6.1 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.6.2 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.2 (ubuntu 20.04)

Release 2.6.1
Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.6.1 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.1 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.6.1 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.6.1 (alpine 3.18.6)

gloo mesh enterprise gloo-otel-collector image

gloo mesh enterprise gloo-otel-controller image

No scan found

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-otel-collector:2.6.1 (alpine 3.18.5)

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.13.21.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-37307github.com/cilium/ciliumHIGHv1.13.21.13.17, 1.14.12, 1.15.6https://avd.aquasec.com/nvd/cve-2024-37307
CVE-2024-41110github.com/docker/dockerCRITICALv25.0.5+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.21.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-24790stdlibCRITICAL1.22.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-34156stdlibHIGH1.22.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-insights:2.6.1 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/insights-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156
Release 2.6.0

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.6.0 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv25.0.5+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.0 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.0 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.6.0 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.6.1 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.1 (ubuntu 20.04)

Release 2.6.0

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.6.0 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv25.0.5+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.6.0 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv25.0.5+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.0 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.6.0 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv25.0.5+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.6.0 (alpine 3.18.6)

gloo mesh enterprise gloo-otel-collector image

gloo mesh enterprise gloo-otel-controller image

No scan found

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-otel-collector:2.6.0 (alpine 3.18.5)

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.13.21.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-37307github.com/cilium/ciliumHIGHv1.13.21.13.17, 1.14.12, 1.15.6https://avd.aquasec.com/nvd/cve-2024-37307
CVE-2024-41110github.com/docker/dockerCRITICALv25.0.5+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.21.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-24790stdlibCRITICAL1.22.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-34156stdlibHIGH1.22.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-insights:2.6.0 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/insights-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

Latest 2.5.x gloo mesh enterprise Release: 2.5.12

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.5.12 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.5.12 (alpine 3.18.9)

No Vulnerabilities Found for usr/local/bin/istiod-agent-linux-amd64

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.5.12 (ubuntu 24.04)

No Vulnerabilities Found for usr/local/bin/pilot-agent

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.5.12 (alpine 3.18.9)

No Vulnerabilities Found for usr/local/bin/spire-controller-linux-amd64

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.5.12 (alpine 3.18.9)

No Vulnerabilities Found for usr/local/bin/portal-server-linux-amd64

gloo mesh enterprise gloo-mesh-analyzer image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.5.12 (alpine 3.18.9)

No Vulnerabilities Found for usr/local/bin/analyzer-linux-amd64

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.5.12 (alpine 3.18.9)

No Vulnerabilities Found for usr/local/bin/agent-linux-amd64

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.5.12 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.5.12 (alpine 3.18.6)

gloo mesh enterprise gloo-otel-collector image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-otel-collector:2.5.12 (alpine 3.18.5)

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.13.21.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-37307github.com/cilium/ciliumHIGHv1.13.21.13.17, 1.14.12, 1.15.6https://avd.aquasec.com/nvd/cve-2024-37307
CVE-2024-41110github.com/docker/dockerCRITICALv25.0.5+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.21.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-24790stdlibCRITICAL1.22.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-34156stdlibHIGH1.22.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-insights:2.5.12 (alpine 3.18.9)

No Vulnerabilities Found for usr/local/bin/insights-linux-amd64

Release 2.5.11

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.5.11 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.5.11 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.5.11 (ubuntu 24.04)

Vulnerabilities Listed for usr/local/bin/pilot-agent

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv26.1.4+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.5.11 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.6.0 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.0 (ubuntu 20.04)

Latest 2.5.x gloo mesh enterprise Release: 2.5.12

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.5.12 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.5.11 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.5.11 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.5.11 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.5.11 (alpine 3.18.6)

gloo mesh enterprise gloo-otel-collector image

gloo mesh enterprise gloo-otel-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-otel-collector:2.5.11 (alpine 3.18.5)

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.13.21.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-37307github.com/cilium/ciliumHIGHv1.13.21.13.17, 1.14.12, 1.15.6https://avd.aquasec.com/nvd/cve-2024-37307
CVE-2024-41110github.com/docker/dockerCRITICALv25.0.5+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.21.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-24790stdlibCRITICAL1.22.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-34156stdlibHIGH1.22.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-insights:2.5.11 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/insights-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156
Release 2.5.10

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.5.10 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv25.0.5+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.5.10 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.5.10 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.5.10 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.5.11 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.5.11 (ubuntu 24.04)

Vulnerabilities Listed for usr/local/bin/pilot-agent

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv26.1.4+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.5.10 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv25.0.5+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.5.10 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.5.10 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv25.0.5+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.5.10 (alpine 3.18.6)

gloo mesh enterprise gloo-otel-collector image

gloo mesh enterprise gloo-otel-controller image

No scan found

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-otel-collector:2.5.10 (alpine 3.18.5)

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.13.21.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-37307github.com/cilium/ciliumHIGHv1.13.21.13.17, 1.14.12, 1.15.6https://avd.aquasec.com/nvd/cve-2024-37307
CVE-2024-41110github.com/docker/dockerCRITICALv25.0.5+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.21.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-24790stdlibCRITICAL1.22.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-34156stdlibHIGH1.22.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-insights:2.5.10 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/insights-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156
Release 2.5.9

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.5.9 (alpine 3.18.7)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.5.9 (alpine 3.18.7)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.5.9 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.5.9 (alpine 3.18.7)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.5.10 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.5.10 (ubuntu 20.04)

Release 2.5.9

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.5.9 (alpine 3.18.7)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.21.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-36129go.opentelemetry.io/collector/config/configgrpcHIGHv0.89.00.102.1https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-26147helm.sh/helm/v3HIGHv3.13.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.5.9 (alpine 3.18.7)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-26147helm.sh/helm/v3HIGHv3.13.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.5.9 (alpine 3.18.7)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.5.9 (alpine 3.18.7)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.5.9 (alpine 3.18.6)

gloo mesh enterprise gloo-otel-collector image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-otel-collector:2.5.9 (alpine 3.18.5)

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.13.21.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-37307github.com/cilium/ciliumHIGHv1.13.21.13.17, 1.14.12, 1.15.6https://avd.aquasec.com/nvd/cve-2024-37307
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-7jwh-3vrq-q3m8github.com/jackc/pgproto3/v2HIGHv2.3.22.3.3https://github.com/advisories/GHSA-7jwh-3vrq-q3m8
CVE-2024-27289github.com/jackc/pgx/v4HIGHv4.18.14.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgx/v4HIGHv4.18.14.18.2https://avd.aquasec.com/nvd/cve-2024-27304
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.21.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.91.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2024-36129go.opentelemetry.io/collector/config/configgrpcHIGHv0.89.00.102.1https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-36129go.opentelemetry.io/collector/config/confighttpHIGHv0.89.00.102.0https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-24790stdlibCRITICAL1.21.41.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.41.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-insights:2.5.9 (alpine 3.18.7)

Vulnerabilities Listed for usr/local/bin/insights-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156
Release 2.5.8

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.5.8 (alpine 3.18.7)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.22.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-34156stdlibHIGH1.22.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.5.8 (alpine 3.18.7)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-34156stdlibHIGH1.22.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.5.8 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.5.8 (alpine 3.18.7)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-34156stdlibHIGH1.22.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.5.8 (alpine 3.18.7)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-34156stdlibHIGH1.22.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.5.8 (alpine 3.18.7)

Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.21.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-36129go.opentelemetry.io/collector/config/configgrpcHIGHv0.89.00.102.1https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-26147helm.sh/helm/v3HIGHv3.13.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.22.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-34156stdlibHIGH1.22.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.5.8 (alpine 3.18.7)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-26147helm.sh/helm/v3HIGHv3.13.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.22.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-34156stdlibHIGH1.22.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.5.8 (alpine 3.18.7)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-34156stdlibHIGH1.22.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.5.8 (alpine 3.18.7)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.22.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-34156stdlibHIGH1.22.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.5.8 (alpine 3.18.6)

gloo mesh enterprise gloo-otel-collector image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-otel-collector:2.5.8 (alpine 3.18.5)

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.13.21.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-37307github.com/cilium/ciliumHIGHv1.13.21.13.17, 1.14.12, 1.15.6https://avd.aquasec.com/nvd/cve-2024-37307
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-7jwh-3vrq-q3m8github.com/jackc/pgproto3/v2HIGHv2.3.22.3.3https://github.com/advisories/GHSA-7jwh-3vrq-q3m8
CVE-2024-27289github.com/jackc/pgx/v4HIGHv4.18.14.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgx/v4HIGHv4.18.14.18.2https://avd.aquasec.com/nvd/cve-2024-27304
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.21.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.91.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2024-36129go.opentelemetry.io/collector/config/configgrpcHIGHv0.89.00.102.1https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-36129go.opentelemetry.io/collector/config/confighttpHIGHv0.89.00.102.0https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-24790stdlibCRITICAL1.21.41.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.41.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-insights:2.5.8 (alpine 3.18.7)

Vulnerabilities Listed for usr/local/bin/insights-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-34156stdlibHIGH1.22.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156
Release 2.5.7

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.5.7 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.22.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-34156stdlibHIGH1.22.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.5.7 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-34156stdlibHIGH1.22.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.5.7 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.5.7 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-34156stdlibHIGH1.22.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.5.8 (alpine 3.18.7)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-34156stdlibHIGH1.22.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.5.8 (ubuntu 20.04)

Release 2.5.7

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.5.7 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.21.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-36129go.opentelemetry.io/collector/config/configgrpcHIGHv0.89.00.102.1https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-26147helm.sh/helm/v3HIGHv3.13.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.22.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-34156stdlibHIGH1.22.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.5.7 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-26147helm.sh/helm/v3HIGHv3.13.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.22.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-34156stdlibHIGH1.22.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.5.7 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-34156stdlibHIGH1.22.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.5.7 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.22.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-34156stdlibHIGH1.22.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.5.7 (alpine 3.18.6)

gloo mesh enterprise gloo-otel-collector image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-otel-collector:2.5.7 (alpine 3.18.5)

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.13.21.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-37307github.com/cilium/ciliumHIGHv1.13.21.13.17, 1.14.12, 1.15.6https://avd.aquasec.com/nvd/cve-2024-37307
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-7jwh-3vrq-q3m8github.com/jackc/pgproto3/v2HIGHv2.3.22.3.3https://github.com/advisories/GHSA-7jwh-3vrq-q3m8
CVE-2024-27289github.com/jackc/pgx/v4HIGHv4.18.14.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgx/v4HIGHv4.18.14.18.2https://avd.aquasec.com/nvd/cve-2024-27304
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.21.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.91.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2024-36129go.opentelemetry.io/collector/config/configgrpcHIGHv0.89.00.102.1https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-36129go.opentelemetry.io/collector/config/confighttpHIGHv0.89.00.102.0https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-24790stdlibCRITICAL1.21.41.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.41.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-insights:2.5.7 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/insights-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-34156stdlibHIGH1.22.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156
Release 2.5.6

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.5.6 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.22.21.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-24788stdlibHIGH1.22.21.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.21.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.5.6 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.21.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-24788stdlibHIGH1.22.21.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.21.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.5.6 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.5.6 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.21.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-24788stdlibHIGH1.22.21.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.21.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.5.6 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.21.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-24788stdlibHIGH1.22.21.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.21.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.5.6 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.21.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-36129go.opentelemetry.io/collector/config/configgrpcHIGHv0.89.00.102.1https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-26147helm.sh/helm/v3HIGHv3.13.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.22.21.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-24788stdlibHIGH1.22.21.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.21.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.5.6 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-26147helm.sh/helm/v3HIGHv3.13.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.22.21.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-24788stdlibHIGH1.22.21.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.21.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.5.6 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.21.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-24788stdlibHIGH1.22.21.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.21.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.5.6 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.22.21.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-24788stdlibHIGH1.22.21.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.21.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.5.6 (alpine 3.18.6)

gloo mesh enterprise gloo-otel-collector image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-otel-collector:2.5.6 (alpine 3.18.5)

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.13.21.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-37307github.com/cilium/ciliumHIGHv1.13.21.13.17, 1.14.12, 1.15.6https://avd.aquasec.com/nvd/cve-2024-37307
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-7jwh-3vrq-q3m8github.com/jackc/pgproto3/v2HIGHv2.3.22.3.3https://github.com/advisories/GHSA-7jwh-3vrq-q3m8
CVE-2024-27289github.com/jackc/pgx/v4HIGHv4.18.14.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgx/v4HIGHv4.18.14.18.2https://avd.aquasec.com/nvd/cve-2024-27304
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.21.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.91.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2024-36129go.opentelemetry.io/collector/config/configgrpcHIGHv0.89.00.102.1https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-36129go.opentelemetry.io/collector/config/confighttpHIGHv0.89.00.102.0https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-24790stdlibCRITICAL1.21.41.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.41.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-insights:2.5.6 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/insights-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.21.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-24788stdlibHIGH1.22.21.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.21.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156
Release 2.5.5

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.5.5 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.5.5 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.5.5 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.5.5 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.5.5 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.5.5 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.21.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-36129go.opentelemetry.io/collector/config/configgrpcHIGHv0.89.00.102.1https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-26147helm.sh/helm/v3HIGHv3.13.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.5.5 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-26147helm.sh/helm/v3HIGHv3.13.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.5.5 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.5.5 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.5.5 (alpine 3.18.6)

gloo mesh enterprise gloo-otel-collector image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-otel-collector:2.5.5 (alpine 3.18.5)

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.13.21.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-37307github.com/cilium/ciliumHIGHv1.13.21.13.17, 1.14.12, 1.15.6https://avd.aquasec.com/nvd/cve-2024-37307
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-7jwh-3vrq-q3m8github.com/jackc/pgproto3/v2HIGHv2.3.22.3.3https://github.com/advisories/GHSA-7jwh-3vrq-q3m8
CVE-2024-27289github.com/jackc/pgx/v4HIGHv4.18.14.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgx/v4HIGHv4.18.14.18.2https://avd.aquasec.com/nvd/cve-2024-27304
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.21.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.91.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2024-36129go.opentelemetry.io/collector/config/configgrpcHIGHv0.89.00.102.1https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-36129go.opentelemetry.io/collector/config/confighttpHIGHv0.89.00.102.0https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-24790stdlibCRITICAL1.21.41.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.41.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-insights:2.5.5 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/insights-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156
Release 2.5.4

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.5.4 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.5.4 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.5.4 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.5.4 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.5.5 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.5.5 (ubuntu 20.04)

Release 2.5.4

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.5.4 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.21.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-36129go.opentelemetry.io/collector/config/configgrpcHIGHv0.89.00.102.1https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-26147helm.sh/helm/v3HIGHv3.13.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.5.4 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-26147helm.sh/helm/v3HIGHv3.13.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.5.4 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.5.4 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.5.4 (alpine 3.18.6)

gloo mesh enterprise gloo-otel-collector image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-otel-collector:2.5.4 (alpine 3.18.5)

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.13.21.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-37307github.com/cilium/ciliumHIGHv1.13.21.13.17, 1.14.12, 1.15.6https://avd.aquasec.com/nvd/cve-2024-37307
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-7jwh-3vrq-q3m8github.com/jackc/pgproto3/v2HIGHv2.3.22.3.3https://github.com/advisories/GHSA-7jwh-3vrq-q3m8
CVE-2024-27289github.com/jackc/pgx/v4HIGHv4.18.14.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgx/v4HIGHv4.18.14.18.2https://avd.aquasec.com/nvd/cve-2024-27304
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.21.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.91.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2024-36129go.opentelemetry.io/collector/config/configgrpcHIGHv0.89.00.102.1https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-36129go.opentelemetry.io/collector/config/confighttpHIGHv0.89.00.102.0https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-24790stdlibCRITICAL1.21.41.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.41.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-insights:2.5.4 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/insights-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156
Release 2.5.3

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.5.3 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.5.3 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.5.3 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.5.3 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.5.4 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.5.4 (ubuntu 20.04)

Release 2.5.3

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.5.3 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.21.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-36129go.opentelemetry.io/collector/config/configgrpcHIGHv0.89.00.102.1https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-26147helm.sh/helm/v3HIGHv3.13.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.5.3 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-26147helm.sh/helm/v3HIGHv3.13.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.5.3 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.5.3 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.5.3 (alpine 3.18.6)

gloo mesh enterprise gloo-otel-collector image

gloo mesh enterprise gloo-otel-controller image

No scan found

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-otel-collector:2.5.3 (alpine 3.18.5)

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.13.21.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-37307github.com/cilium/ciliumHIGHv1.13.21.13.17, 1.14.12, 1.15.6https://avd.aquasec.com/nvd/cve-2024-37307
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-7jwh-3vrq-q3m8github.com/jackc/pgproto3/v2HIGHv2.3.22.3.3https://github.com/advisories/GHSA-7jwh-3vrq-q3m8
CVE-2024-27289github.com/jackc/pgx/v4HIGHv4.18.14.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgx/v4HIGHv4.18.14.18.2https://avd.aquasec.com/nvd/cve-2024-27304
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.21.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.91.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2024-36129go.opentelemetry.io/collector/config/configgrpcHIGHv0.89.00.102.1https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-36129go.opentelemetry.io/collector/config/confighttpHIGHv0.89.00.102.0https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-24790stdlibCRITICAL1.21.41.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.41.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-insights:2.5.3 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/insights-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.5.3 (ubuntu 20.04)

Release 2.5.2

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.5.2 (alpine 3.18.6)

No Vulnerabilities Found for usr/local/bin/mgmt-server-linux-amd64

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.5.2 (alpine 3.18.6)

No Vulnerabilities Found for usr/local/bin/istiod-agent-linux-amd64

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.5.2 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.5.2 (alpine 3.18.6)

No Vulnerabilities Found for usr/local/bin/spire-controller-linux-amd64

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.5.2 (alpine 3.18.6)

No Vulnerabilities Found for usr/local/bin/portal-server-linux-amd64

gloo mesh enterprise gloo-mesh-analyzer image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.5.2 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-26147helm.sh/helm/v3HIGHv3.13.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.5.2 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-26147helm.sh/helm/v3HIGHv3.13.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.5.2 (alpine 3.18.6)

No Vulnerabilities Found for usr/local/bin/istiod-agent-linux-amd64

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.5.2 (alpine 3.18.6)

No Vulnerabilities Found for usr/local/bin/apiserver-linux-amd64

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.5.2 (alpine 3.18.6)

gloo mesh enterprise gloo-otel-collector image

gloo mesh enterprise gloo-otel-controller image

No scan found

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-otel-collector:2.5.2 (alpine 3.18.5)

gloo mesh enterprise gloo-mesh-insights image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-insights:2.5.2 (alpine 3.18.6)

No Vulnerabilities Found for usr/local/bin/insights-linux-amd64

Release 2.5.1

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.5.1 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.5.1 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.5.1 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.5.1 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.5.2 (alpine 3.18.6)

No Vulnerabilities Found for usr/local/bin/portal-server-linux-amd64

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.5.2 (ubuntu 20.04)

Release 2.5.1

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.5.1 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.21.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-36129go.opentelemetry.io/collector/config/configgrpcHIGHv0.89.00.102.1https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-26147helm.sh/helm/v3HIGHv3.13.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.5.1 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-26147helm.sh/helm/v3HIGHv3.13.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.5.1 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.5.1 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.5.1 (alpine 3.18.6)

gloo mesh enterprise gloo-otel-collector image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-otel-collector:2.5.1 (alpine 3.18.5)

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.13.21.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-37307github.com/cilium/ciliumHIGHv1.13.21.13.17, 1.14.12, 1.15.6https://avd.aquasec.com/nvd/cve-2024-37307
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-7jwh-3vrq-q3m8github.com/jackc/pgproto3/v2HIGHv2.3.22.3.3https://github.com/advisories/GHSA-7jwh-3vrq-q3m8
CVE-2024-27289github.com/jackc/pgx/v4HIGHv4.18.14.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgx/v4HIGHv4.18.14.18.2https://avd.aquasec.com/nvd/cve-2024-27304
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.21.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.91.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2024-36129go.opentelemetry.io/collector/config/configgrpcHIGHv0.89.00.102.1https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-36129go.opentelemetry.io/collector/config/confighttpHIGHv0.89.00.102.0https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-24790stdlibCRITICAL1.21.41.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.41.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-insights:2.5.1 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/insights-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156
Release 2.5.0

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.5.0 (alpine 3.18.5)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.5.0 (alpine 3.18.5)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.5.0 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.5.0 (alpine 3.18.5)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.5.1 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.5.1 (ubuntu 20.04)

Release 2.5.0

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.5.0 (alpine 3.18.5)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.21.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-36129go.opentelemetry.io/collector/config/configgrpcHIGHv0.89.00.102.1https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-26147helm.sh/helm/v3HIGHv3.13.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.5.0 (alpine 3.18.5)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-26147helm.sh/helm/v3HIGHv3.13.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.5.0 (alpine 3.18.5)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.5.0 (alpine 3.18.5)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.5.0 (alpine 3.18.5)

gloo mesh enterprise gloo-otel-collector image

gloo mesh enterprise gloo-otel-controller image

No scan found

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-otel-collector:2.5.0 (alpine 3.18.5)

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.13.21.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-37307github.com/cilium/ciliumHIGHv1.13.21.13.17, 1.14.12, 1.15.6https://avd.aquasec.com/nvd/cve-2024-37307
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.7+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-7jwh-3vrq-q3m8github.com/jackc/pgproto3/v2HIGHv2.3.22.3.3https://github.com/advisories/GHSA-7jwh-3vrq-q3m8
CVE-2024-27289github.com/jackc/pgx/v4HIGHv4.18.14.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgx/v4HIGHv4.18.14.18.2https://avd.aquasec.com/nvd/cve-2024-27304
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.21.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.91.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2024-36129go.opentelemetry.io/collector/config/configgrpcHIGHv0.89.00.102.1https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-36129go.opentelemetry.io/collector/config/confighttpHIGHv0.89.00.102.0https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-24790stdlibCRITICAL1.21.41.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.41.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-insights:2.5.0 (alpine 3.18.5)

Vulnerabilities Listed for usr/local/bin/insights-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

Latest 2.4.x gloo mesh enterprise Release: 2.4.16

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.4.16 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.4.16 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.4.16 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.4.16 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.5.0 (alpine 3.18.5)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.5.0 (ubuntu 20.04)

Latest 2.4.x gloo mesh enterprise Release: 2.4.16

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.4.16 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.4.16 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.4.16 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.4.16 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.4.16 (alpine 3.18.6)

gloo mesh enterprise gloo-otel-collector image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-otel-collector:2.4.16 (alpine 3.18.5)

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.13.21.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-37307github.com/cilium/ciliumHIGHv1.13.21.13.17, 1.14.12, 1.15.6https://avd.aquasec.com/nvd/cve-2024-37307
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.2+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.01.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.51.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2024-36129go.opentelemetry.io/collector/config/configgrpcHIGHv0.80.00.102.1https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-36129go.opentelemetry.io/collector/config/confighttpHIGHv0.80.00.102.0https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.42.1-0.20230612162650-64be7e574a170.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.42.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.21.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.4.15

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.4.15 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.22.21.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-24788stdlibHIGH1.22.21.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.21.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.4.15 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.21.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-24788stdlibHIGH1.22.21.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.21.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.4.15 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.4.15 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.21.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-24788stdlibHIGH1.22.21.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.21.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.4.15 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.21.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-24788stdlibHIGH1.22.21.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.21.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.4.15 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.22.21.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-24788stdlibHIGH1.22.21.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.21.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.4.15 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.21.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-24788stdlibHIGH1.22.21.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.21.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.4.15 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.22.21.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-24788stdlibHIGH1.22.21.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.21.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.4.15 (alpine 3.18.6)

gloo mesh enterprise gloo-otel-collector image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-otel-collector:2.4.15 (alpine 3.18.5)

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.13.21.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-37307github.com/cilium/ciliumHIGHv1.13.21.13.17, 1.14.12, 1.15.6https://avd.aquasec.com/nvd/cve-2024-37307
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.2+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.01.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.51.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2024-36129go.opentelemetry.io/collector/config/configgrpcHIGHv0.80.00.102.1https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-36129go.opentelemetry.io/collector/config/confighttpHIGHv0.80.00.102.0https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.42.1-0.20230612162650-64be7e574a170.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.42.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.21.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.4.14

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.4.14 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.4.14 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.4.14 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.4.14 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.4.14 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.4.14 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.4.14 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.4.14 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.4.14 (alpine 3.18.6)

gloo mesh enterprise gloo-otel-collector image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-otel-collector:2.4.14 (alpine 3.18.5)

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.13.21.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-37307github.com/cilium/ciliumHIGHv1.13.21.13.17, 1.14.12, 1.15.6https://avd.aquasec.com/nvd/cve-2024-37307
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.2+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.01.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.51.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2024-36129go.opentelemetry.io/collector/config/configgrpcHIGHv0.80.00.102.1https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-36129go.opentelemetry.io/collector/config/confighttpHIGHv0.80.00.102.0https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.42.1-0.20230612162650-64be7e574a170.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.42.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.21.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.4.13

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.4.13 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.4.13 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.4.13 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.4.13 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.4.13 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.4.13 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.4.13 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.4.13 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.4.13 (alpine 3.18.6)

gloo mesh enterprise gloo-otel-collector image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-otel-collector:2.4.13 (alpine 3.18.5)

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.13.21.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-37307github.com/cilium/ciliumHIGHv1.13.21.13.17, 1.14.12, 1.15.6https://avd.aquasec.com/nvd/cve-2024-37307
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.2+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.01.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.51.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2024-36129go.opentelemetry.io/collector/config/configgrpcHIGHv0.80.00.102.1https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-36129go.opentelemetry.io/collector/config/confighttpHIGHv0.80.00.102.0https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.42.1-0.20230612162650-64be7e574a170.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.42.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.21.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.4.12

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.4.12 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.4.12 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.4.12 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.4.12 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.4.12 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.4.12 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.4.12 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.4.12 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.22.01.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.22.01.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-24788stdlibHIGH1.22.01.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.01.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.4.12 (alpine 3.18.6)

gloo mesh enterprise gloo-otel-collector image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-otel-collector:2.4.12 (alpine 3.18.5)

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.13.21.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-37307github.com/cilium/ciliumHIGHv1.13.21.13.17, 1.14.12, 1.15.6https://avd.aquasec.com/nvd/cve-2024-37307
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.2+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.01.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.51.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2024-36129go.opentelemetry.io/collector/config/configgrpcHIGHv0.80.00.102.1https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-36129go.opentelemetry.io/collector/config/confighttpHIGHv0.80.00.102.0https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.42.1-0.20230612162650-64be7e574a170.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.42.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.21.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.4.11

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.4.11 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.4.11 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.4.11 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.4.11 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.4.11 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.4.11 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.4.11 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.4.11 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.4.11 (alpine 3.18.6)

gloo mesh enterprise gloo-otel-collector image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-otel-collector:2.4.11 (alpine 3.18.5)

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.13.21.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-37307github.com/cilium/ciliumHIGHv1.13.21.13.17, 1.14.12, 1.15.6https://avd.aquasec.com/nvd/cve-2024-37307
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.2+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.01.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.51.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2024-36129go.opentelemetry.io/collector/config/configgrpcHIGHv0.80.00.102.1https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-36129go.opentelemetry.io/collector/config/confighttpHIGHv0.80.00.102.0https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.42.1-0.20230612162650-64be7e574a170.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.42.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.21.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.4.10

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.4.10 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.4.10 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.4.10 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.4.10 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.4.10 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.4.10 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.4.10 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.4.10 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.4.10 (alpine 3.18.6)

gloo mesh enterprise gloo-otel-collector image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-otel-collector:2.4.10 (alpine 3.18.5)

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.13.21.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-37307github.com/cilium/ciliumHIGHv1.13.21.13.17, 1.14.12, 1.15.6https://avd.aquasec.com/nvd/cve-2024-37307
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.2+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.01.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.51.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2024-36129go.opentelemetry.io/collector/config/configgrpcHIGHv0.80.00.102.1https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-36129go.opentelemetry.io/collector/config/confighttpHIGHv0.80.00.102.0https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.42.1-0.20230612162650-64be7e574a170.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.42.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.21.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.4.9

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.4.9 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.4.9 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.4.9 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.4.9 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.4.9 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.4.9 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.4.9 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.4.9 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.4.9 (alpine 3.18.6)

gloo mesh enterprise gloo-otel-collector image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-otel-collector:2.4.9 (alpine 3.18.5)

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.13.21.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-37307github.com/cilium/ciliumHIGHv1.13.21.13.17, 1.14.12, 1.15.6https://avd.aquasec.com/nvd/cve-2024-37307
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.2+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.01.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.51.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2024-36129go.opentelemetry.io/collector/config/configgrpcHIGHv0.80.00.102.1https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-36129go.opentelemetry.io/collector/config/confighttpHIGHv0.80.00.102.0https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.42.1-0.20230612162650-64be7e574a170.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.42.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.21.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.4.8

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.4.8 (alpine 3.18.5)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.4.8 (alpine 3.18.5)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.4.8 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.4.8 (alpine 3.18.5)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.4.8 (alpine 3.18.5)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.4.8 (alpine 3.18.5)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.4.8 (alpine 3.18.5)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.4.8 (alpine 3.18.5)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.4.8 (alpine 3.18.5)

gloo mesh enterprise gloo-otel-collector image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-otel-collector:2.4.8 (alpine 3.18.5)

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.13.21.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-37307github.com/cilium/ciliumHIGHv1.13.21.13.17, 1.14.12, 1.15.6https://avd.aquasec.com/nvd/cve-2024-37307
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.2+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.01.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.51.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2024-36129go.opentelemetry.io/collector/config/configgrpcHIGHv0.80.00.102.1https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-36129go.opentelemetry.io/collector/config/confighttpHIGHv0.80.00.102.0https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.42.1-0.20230612162650-64be7e574a170.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.42.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.21.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.4.7

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.4.7 (alpine 3.18.5)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.4.7 (alpine 3.18.5)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.4.7 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.4.7 (alpine 3.18.5)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.4.7 (alpine 3.18.5)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.4.7 (alpine 3.18.5)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.4.7 (alpine 3.18.5)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.4.7 (alpine 3.18.5)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.4.7 (alpine 3.18.5)

gloo mesh enterprise gloo-otel-collector image

gloo mesh enterprise gloo-otel-controller image

No scan found

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-otel-collector:2.4.7 (alpine 3.18.5)

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.13.21.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-37307github.com/cilium/ciliumHIGHv1.13.21.13.17, 1.14.12, 1.15.6https://avd.aquasec.com/nvd/cve-2024-37307
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.2+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.01.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.51.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2024-36129go.opentelemetry.io/collector/config/configgrpcHIGHv0.80.00.102.1https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-36129go.opentelemetry.io/collector/config/confighttpHIGHv0.80.00.102.0https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.42.1-0.20230612162650-64be7e574a170.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.42.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.21.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.4.6

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.4.6 (alpine 3.18.5)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.15.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.21.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.21.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.21.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.21.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.11.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.4.6 (alpine 3.18.5)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.15.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.21.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.21.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.21.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.21.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.11.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.4.6 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.4.6 (alpine 3.18.5)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.15.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.21.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.21.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.21.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.21.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.11.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.4.7 (alpine 3.18.5)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.21.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-45288stdlibHIGH1.21.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.4.7 (ubuntu 20.04)

Release 2.4.6

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.4.6 (alpine 3.18.5)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.15.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.21.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.21.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.21.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.21.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.11.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.4.6 (alpine 3.18.5)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
CVE-2023-39325golang.org/x/netHIGHv0.15.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.21.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.21.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.21.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.21.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.11.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.4.6 (alpine 3.18.5)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.15.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.21.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.21.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.21.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.21.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.11.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.4.6 (alpine 3.18.5)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.15.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.21.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.21.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.21.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.21.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.11.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.4.6 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.4.6 (alpine 3.18.0)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-48174busyboxCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2022-48174busybox-binshCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2023-5363libcrypto3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2022-48174ssl_clientCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.13.21.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-37307github.com/cilium/ciliumHIGHv1.13.21.13.17, 1.14.12, 1.15.6https://avd.aquasec.com/nvd/cve-2024-37307
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.2+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.01.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.51.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2024-36129go.opentelemetry.io/collector/config/configgrpcHIGHv0.80.00.102.1https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-36129go.opentelemetry.io/collector/config/confighttpHIGHv0.80.00.102.0https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.42.1-0.20230612162650-64be7e574a170.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.42.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.21.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.4.5

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.4.5 (alpine 3.18.4)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.15.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.21.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.21.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.21.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.21.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.11.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.4.5 (alpine 3.18.4)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.15.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.21.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.21.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.21.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.21.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.11.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.4.5 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.4.5 (alpine 3.18.4)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.15.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.21.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.21.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.21.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.21.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.11.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.4.5 (alpine 3.18.4)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.15.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.21.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.21.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.21.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.21.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.11.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.4.5 (alpine 3.18.4)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
CVE-2023-39325golang.org/x/netHIGHv0.15.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.21.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.21.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.21.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.21.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.11.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.4.5 (alpine 3.18.4)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.15.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.21.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.21.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.21.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.21.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.11.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.4.5 (alpine 3.18.4)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.15.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.21.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.21.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.21.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.21.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.11.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.4.5 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.4.5 (alpine 3.18.0)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-48174busyboxCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2022-48174busybox-binshCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2023-5363libcrypto3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2022-48174ssl_clientCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.13.21.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-37307github.com/cilium/ciliumHIGHv1.13.21.13.17, 1.14.12, 1.15.6https://avd.aquasec.com/nvd/cve-2024-37307
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.2+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.01.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.51.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2024-36129go.opentelemetry.io/collector/config/configgrpcHIGHv0.80.00.102.1https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-36129go.opentelemetry.io/collector/config/confighttpHIGHv0.80.00.102.0https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.42.1-0.20230612162650-64be7e574a170.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.42.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.21.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.4.4

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.4.4 (alpine 3.18.4)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.15.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.21.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.21.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.21.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.21.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.11.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.4.4 (alpine 3.18.4)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.15.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.21.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.21.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.21.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.21.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.11.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.4.4 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.4.4 (alpine 3.18.4)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.15.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.21.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.21.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.21.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.21.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.11.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-portal-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.4.4 (alpine 3.18.4)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.15.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.21.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.21.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.21.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.21.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.11.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.4.4 (alpine 3.18.4)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
CVE-2023-39325golang.org/x/netHIGHv0.15.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.21.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.21.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.21.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.21.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.11.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.4.4 (alpine 3.18.4)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.15.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.21.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.21.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.21.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.21.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.11.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.4.4 (alpine 3.18.4)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.15.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.21.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.21.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.21.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.21.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.11.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.4.4 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.4.4 (alpine 3.18.0)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-48174busyboxCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2022-48174busybox-binshCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2023-5363libcrypto3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2022-48174ssl_clientCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.13.21.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-37307github.com/cilium/ciliumHIGHv1.13.21.13.17, 1.14.12, 1.15.6https://avd.aquasec.com/nvd/cve-2024-37307
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.2+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.01.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.51.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2024-36129go.opentelemetry.io/collector/config/configgrpcHIGHv0.80.00.102.1https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-36129go.opentelemetry.io/collector/config/confighttpHIGHv0.80.00.102.0https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.42.1-0.20230612162650-64be7e574a170.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.42.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.21.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.4.3

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.4.3 (alpine 3.18.4)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.13.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24540stdlibCRITICAL1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24539stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.31.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.31.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.31.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.31.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.4.3 (alpine 3.18.4)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.13.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24540stdlibCRITICAL1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24539stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.31.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.31.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.31.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.31.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.4.3 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.4.3 (alpine 3.18.4)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.13.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24540stdlibCRITICAL1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24539stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.31.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.31.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.31.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.31.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-portal-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.4.3 (alpine 3.18.4)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.13.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24540stdlibCRITICAL1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24539stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.31.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.31.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.31.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.31.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.4.3 (alpine 3.18.4)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
CVE-2023-39325golang.org/x/netHIGHv0.13.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24540stdlibCRITICAL1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24539stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.31.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.31.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.31.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.31.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.4.3 (alpine 3.18.4)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.13.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24540stdlibCRITICAL1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24539stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.31.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.31.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.31.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.31.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.4.3 (alpine 3.18.4)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.13.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24540stdlibCRITICAL1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24539stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.31.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.31.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.31.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.31.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.4.3 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.4.3 (alpine 3.18.0)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-48174busyboxCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2022-48174busybox-binshCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2023-5363libcrypto3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2022-48174ssl_clientCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.13.21.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-37307github.com/cilium/ciliumHIGHv1.13.21.13.17, 1.14.12, 1.15.6https://avd.aquasec.com/nvd/cve-2024-37307
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.2+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.01.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.51.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2024-36129go.opentelemetry.io/collector/config/configgrpcHIGHv0.80.00.102.1https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-36129go.opentelemetry.io/collector/config/confighttpHIGHv0.80.00.102.0https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.42.1-0.20230612162650-64be7e574a170.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.42.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.21.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.4.2

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.4.2 (alpine 3.18.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.13.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24540stdlibCRITICAL1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24539stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.31.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.31.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.31.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.31.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.4.2 (alpine 3.18.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.13.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24540stdlibCRITICAL1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24539stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.31.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.31.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.31.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.31.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.4.2 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.4.2 (alpine 3.18.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.13.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24540stdlibCRITICAL1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24539stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.31.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.31.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.31.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.31.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-portal-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.4.2 (alpine 3.18.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.13.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24540stdlibCRITICAL1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24539stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.31.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.31.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.31.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.31.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.4.2 (alpine 3.18.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
CVE-2023-39325golang.org/x/netHIGHv0.13.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24540stdlibCRITICAL1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24539stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.31.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.31.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.31.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.31.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.4.2 (alpine 3.18.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.13.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24540stdlibCRITICAL1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24539stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.31.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.31.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.31.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.31.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.4.2 (alpine 3.18.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.13.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24540stdlibCRITICAL1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24539stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.31.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.31.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.31.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.31.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.4.2 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.4.2 (alpine 3.18.0)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-48174busyboxCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2022-48174busybox-binshCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2023-5363libcrypto3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2022-48174ssl_clientCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.13.21.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-37307github.com/cilium/ciliumHIGHv1.13.21.13.17, 1.14.12, 1.15.6https://avd.aquasec.com/nvd/cve-2024-37307
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.2+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.01.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.51.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2024-36129go.opentelemetry.io/collector/config/configgrpcHIGHv0.80.00.102.1https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-36129go.opentelemetry.io/collector/config/confighttpHIGHv0.80.00.102.0https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.42.1-0.20230612162650-64be7e574a170.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.42.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.21.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.4.1

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.4.1 (alpine 3.18.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.2-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.2-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.13.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24540stdlibCRITICAL1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24539stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.31.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.31.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.31.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.31.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.4.1 (alpine 3.18.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.2-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.2-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.13.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24540stdlibCRITICAL1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24539stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.31.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.31.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.31.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.31.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.4.1 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.4.1 (alpine 3.18.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.2-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.2-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.13.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24540stdlibCRITICAL1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24539stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.31.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.31.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.31.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.31.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-portal-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.4.1 (alpine 3.18.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.2-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.2-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.13.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24540stdlibCRITICAL1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24539stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.31.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.31.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.31.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.31.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.4.1 (alpine 3.18.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.2-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.2-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
CVE-2023-39325golang.org/x/netHIGHv0.13.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24540stdlibCRITICAL1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24539stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.31.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.31.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.31.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.31.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.4.1 (alpine 3.18.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.2-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.2-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.13.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24540stdlibCRITICAL1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24539stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.31.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.31.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.31.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.31.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.4.1 (alpine 3.18.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.2-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.2-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.13.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24540stdlibCRITICAL1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24539stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.31.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.31.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.31.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.31.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.4.1 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.4.1 (alpine 3.18.0)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-48174busyboxCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2022-48174busybox-binshCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2023-5363libcrypto3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2022-48174ssl_clientCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.13.21.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-37307github.com/cilium/ciliumHIGHv1.13.21.13.17, 1.14.12, 1.15.6https://avd.aquasec.com/nvd/cve-2024-37307
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.2+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.01.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.51.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2024-36129go.opentelemetry.io/collector/config/configgrpcHIGHv0.80.00.102.1https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-36129go.opentelemetry.io/collector/config/confighttpHIGHv0.80.00.102.0https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.42.1-0.20230612162650-64be7e574a170.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.42.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.21.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.4.0

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.4.0 (alpine 3.18.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.2-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.2-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.25+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.11.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.11.13.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24540stdlibCRITICAL1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24539stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.31.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.31.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.31.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.31.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.4.0 (alpine 3.18.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.2-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.2-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.11.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24540stdlibCRITICAL1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24539stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.31.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.31.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.31.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.31.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.4.0 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.4.0 (alpine 3.18.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.2-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.2-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.11.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24540stdlibCRITICAL1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24539stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.31.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.31.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.31.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.31.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-portal-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.4.1 (alpine 3.18.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.2-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.2-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.13.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24540stdlibCRITICAL1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24539stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.31.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.31.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.31.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.31.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.4.0 (alpine 3.18.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.2-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.2-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.25+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-39325golang.org/x/netHIGHv0.11.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.11.13.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24540stdlibCRITICAL1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24539stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.31.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.31.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.31.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.31.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.4.0 (alpine 3.18.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.2-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.2-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.11.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24540stdlibCRITICAL1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24539stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.31.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.31.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.31.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.31.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.4.0 (alpine 3.18.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.2-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.2-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.25+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.11.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.54.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.11.13.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24540stdlibCRITICAL1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.20.31.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24539stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.20.31.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.20.31.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.20.31.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.31.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.31.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.31.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.4.0 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

gloo mesh enterprise gloo-otel-controller image

No scan found

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.4.0 (alpine 3.18.0)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-48174busyboxCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2022-48174busybox-binshCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2023-5363libcrypto3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2022-48174ssl_clientCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.13.21.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-37307github.com/cilium/ciliumHIGHv1.13.21.13.17, 1.14.12, 1.15.6https://avd.aquasec.com/nvd/cve-2024-37307
CVE-2024-41110github.com/docker/dockerCRITICALv24.0.2+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.2.01.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.51.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2024-36129go.opentelemetry.io/collector/config/configgrpcHIGHv0.80.00.102.1https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2024-36129go.opentelemetry.io/collector/config/confighttpHIGHv0.80.00.102.0https://avd.aquasec.com/nvd/cve-2024-36129
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.42.1-0.20230612162650-64be7e574a170.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.42.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.12.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.56.21.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Latest 2.3.x gloo mesh enterprise Release: 2.3.24

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.24 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.24 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.24 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.24 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.24 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.24 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.24 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.24 (alpine 3.18.6)

gloo mesh enterprise gloo-otel-collector image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-otel-collector:2.3.24 (alpine 3.18.5)

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.1.171.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.41.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.41.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.40.00.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.40.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.53.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.3.23

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.23 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.22.21.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-24788stdlibHIGH1.22.21.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.21.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.23 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-24790stdlibCRITICAL1.22.21.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-24788stdlibHIGH1.22.21.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.21.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.23 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.23 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-24790stdlibCRITICAL1.22.21.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-24788stdlibHIGH1.22.21.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.21.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.23 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.22.21.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-24788stdlibHIGH1.22.21.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.21.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.23 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-24790stdlibCRITICAL1.22.21.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-24788stdlibHIGH1.22.21.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.21.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.23 (alpine 3.18.6)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2024-26147helm.sh/helm/v3HIGHv3.12.33.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.22.21.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2024-24788stdlibHIGH1.22.21.22.3https://avd.aquasec.com/nvd/cve-2024-24788
CVE-2024-34156stdlibHIGH1.22.21.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.23 (alpine 3.18.6)

gloo mesh enterprise gloo-otel-collector image

gloo mesh enterprise gloo-otel-controller image

No scan found

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-otel-collector:2.3.23 (alpine 3.18.5)

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.1.171.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.41.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.41.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.40.00.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.40.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.53.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.20.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.20.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.20.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.20.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.20.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.3.22

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.22 (alpine 3.18.4)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.25+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.21.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.21.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.21.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.21.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.11.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.22 (alpine 3.18.4)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.21.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.21.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.21.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.21.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.11.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.22 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.22 (alpine 3.18.4)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.21.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.21.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.21.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.21.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.11.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.22 (alpine 3.18.4)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.25+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.21.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.21.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.21.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.21.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.11.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.22 (alpine 3.18.4)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.21.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.21.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.21.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.21.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.11.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.22 (alpine 3.18.4)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.25+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.21.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.21.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.21.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.21.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.11.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.22 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.3.22 (alpine 3.18.0)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-48174busyboxCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2022-48174busybox-binshCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2023-5363libcrypto3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2022-48174ssl_clientCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.1.171.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.41.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.41.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.40.00.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.40.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.53.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.3.21

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.21 (alpine 3.18.4)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.25+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.21.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.21.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.21.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.21.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.11.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.21 (alpine 3.18.4)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.21.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.21.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.21.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.21.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.11.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.21 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.21 (alpine 3.18.4)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.21.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.21.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.21.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.21.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.11.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.21 (alpine 3.18.4)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.25+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.21.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.21.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.21.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.21.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.11.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.21 (alpine 3.18.4)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.21.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.21.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.21.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.21.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.11.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.21 (alpine 3.18.4)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.25+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.21.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.21.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.21.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.21.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.11.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.21 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.3.21 (alpine 3.18.0)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-48174busyboxCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2022-48174busybox-binshCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2023-5363libcrypto3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2022-48174ssl_clientCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.1.171.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.41.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.41.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.40.00.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.40.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.53.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.3.20

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.20 (alpine 3.18.4)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.25+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.21.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.21.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.21.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.21.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.11.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.20 (alpine 3.18.4)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.21.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.21.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.21.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.21.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.11.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.20 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.20 (alpine 3.18.4)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.21.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.21.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.21.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.21.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.11.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.20 (alpine 3.18.4)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.25+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.21.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.21.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.21.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.21.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.11.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.20 (alpine 3.18.4)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.21.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.21.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.21.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.21.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.11.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.20 (alpine 3.18.4)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.3-r03.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.25+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.21.11.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.21.11.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.21.11.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45288stdlibHIGH1.21.11.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.21.11.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.20 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.3.20 (alpine 3.18.0)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-48174busyboxCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2022-48174busybox-binshCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2023-5363libcrypto3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2022-48174ssl_clientCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.1.171.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.41.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.41.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.40.00.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.40.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.53.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.3.19

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.19 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.25+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.19 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.19 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.19 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.19 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.25+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.19 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.19 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.25+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.19 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.3.19 (alpine 3.18.0)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-48174busyboxCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2022-48174busybox-binshCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2023-5363libcrypto3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2022-48174ssl_clientCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.1.171.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.41.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.41.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.40.00.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.40.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.53.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.3.18

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.18 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.25+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.18 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.18 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.18 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.18 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.25+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.18 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.18 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.11-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.25+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.18 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.3.18 (alpine 3.18.0)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-48174busyboxCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2022-48174busybox-binshCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2023-5363libcrypto3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2022-48174ssl_clientCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.1.171.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.41.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.41.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.40.00.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.40.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.53.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.3.17

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.17 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.25+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.17 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.17 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.17 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.17 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.25+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.17 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.17 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.25+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.17 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.3.17 (alpine 3.18.0)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-48174busyboxCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2022-48174busybox-binshCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2023-5363libcrypto3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2022-48174ssl_clientCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.1.171.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.41.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.41.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.40.00.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.40.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.53.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.3.16

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.16 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.25+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.16 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.16 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.16 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.16 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.25+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.16 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.16 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.25+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.16 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.3.16 (alpine 3.18.0)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-48174busyboxCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2022-48174busybox-binshCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2023-5363libcrypto3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2022-48174ssl_clientCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.1.171.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.41.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.41.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.40.00.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.40.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.53.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.3.15

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.15 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.25+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.15 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.15 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.15 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.15 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.25+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.15 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.15 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.25+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.15 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.3.15 (alpine 3.18.0)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-48174busyboxCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2022-48174busybox-binshCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2023-5363libcrypto3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2022-48174ssl_clientCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.1.171.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.41.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.41.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.40.00.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.40.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.53.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.3.14

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.14 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.25+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.14 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.14 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.14 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.14 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.25+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.14 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.14 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.25+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.14 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.3.14 (alpine 3.18.0)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-48174busyboxCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2022-48174busybox-binshCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2023-5363libcrypto3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2022-48174ssl_clientCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.1.171.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.41.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.41.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.40.00.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.40.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.53.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.3.13

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.13 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.25+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.13 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.13 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.13 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.13 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.25+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.13 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.13 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.25+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.13 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.3.13 (alpine 3.18.0)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-48174busyboxCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2022-48174busybox-binshCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2023-5363libcrypto3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2022-48174ssl_clientCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.1.171.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.41.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.41.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.40.00.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.40.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.53.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.3.12

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.12 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.25+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.12 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.12 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.12 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.12 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.25+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.12 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.12 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.25+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.12 (alpine 3.17.5)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.10-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.3.12 (alpine 3.18.0)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-48174busyboxCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2022-48174busybox-binshCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2023-5363libcrypto3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2022-48174ssl_clientCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.1.171.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.41.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.41.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.40.00.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.40.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.53.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.3.11

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.11 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.25+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.11 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.11 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.11 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.11 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.25+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.11 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.11 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.101.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.25+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.11 (alpine 3.17.4)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.3.11 (alpine 3.18.0)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-48174busyboxCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2022-48174busybox-binshCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2023-5363libcrypto3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2022-48174ssl_clientCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.1.171.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.41.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.41.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.40.00.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.40.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.53.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.3.10

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.10 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.10 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.10 (ubuntu 18.04)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0286libssl1.1HIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286opensslHIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.11 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.10 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.10 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.10 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2019-11253k8s.io/kubernetesHIGHv1.13.01.13.12, 1.14.8, 1.15.5, 1.16.2https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558k8s.io/kubernetesHIGHv1.13.01.18.4, 1.17.7, 1.16.11https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741k8s.io/kubernetesHIGHv1.13.01.19.15, 1.20.11, 1.21.5, 1.22.2https://avd.aquasec.com/nvd/cve-2021-25741
CVE-2023-3676k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3676
CVE-2023-3955k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3955
CVE-2023-5528k8s.io/kubernetesHIGHv1.13.01.28.4, 1.27.8, 1.26.11, 1.25.16https://avd.aquasec.com/nvd/cve-2023-5528
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.10 (alpine 3.17.4)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.3.10 (alpine 3.18.0)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-48174busyboxCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2022-48174busybox-binshCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2023-5363libcrypto3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2022-48174ssl_clientCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.1.171.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.41.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.41.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.40.00.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.40.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.53.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-24790stdlibCRITICAL1.19.101.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-39325stdlibHIGH1.19.101.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.101.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.101.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.101.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.101.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.3.9

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.9 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r23.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r23.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.9 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r23.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r23.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.9 (ubuntu 18.04)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0286libssl1.1HIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286opensslHIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.9 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r23.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r23.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.9 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r23.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r23.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.9 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r23.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r23.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.9 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r23.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r23.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2019-11253k8s.io/kubernetesHIGHv1.13.01.13.12, 1.14.8, 1.15.5, 1.16.2https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558k8s.io/kubernetesHIGHv1.13.01.18.4, 1.17.7, 1.16.11https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741k8s.io/kubernetesHIGHv1.13.01.19.15, 1.20.11, 1.21.5, 1.22.2https://avd.aquasec.com/nvd/cve-2021-25741
CVE-2023-3676k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3676
CVE-2023-3955k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3955
CVE-2023-5528k8s.io/kubernetesHIGHv1.13.01.28.4, 1.27.8, 1.26.11, 1.25.16https://avd.aquasec.com/nvd/cve-2023-5528
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.9 (alpine 3.17.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0464libcrypto3HIGH3.0.8-r03.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libcrypto3HIGH3.0.8-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-0464libssl3HIGH3.0.8-r03.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libssl3HIGH3.0.8-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.3.9 (alpine 3.18.0)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-48174busyboxCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2022-48174busybox-binshCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2023-5363libcrypto3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2022-48174ssl_clientCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.1.171.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.41.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.41.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.40.00.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.40.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.53.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.3.8

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.8 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.8 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.8 (ubuntu 18.04)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0286libssl1.1HIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286opensslHIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.8 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.8 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.8 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.8 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2019-11253k8s.io/kubernetesHIGHv1.13.01.13.12, 1.14.8, 1.15.5, 1.16.2https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558k8s.io/kubernetesHIGHv1.13.01.18.4, 1.17.7, 1.16.11https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741k8s.io/kubernetesHIGHv1.13.01.19.15, 1.20.11, 1.21.5, 1.22.2https://avd.aquasec.com/nvd/cve-2021-25741
CVE-2023-3676k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3676
CVE-2023-3955k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3955
CVE-2023-5528k8s.io/kubernetesHIGHv1.13.01.28.4, 1.27.8, 1.26.11, 1.25.16https://avd.aquasec.com/nvd/cve-2023-5528
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.8 (alpine 3.17.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0464libcrypto3HIGH3.0.8-r03.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libcrypto3HIGH3.0.8-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-0464libssl3HIGH3.0.8-r03.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libssl3HIGH3.0.8-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.3.8 (alpine 3.18.0)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-48174busyboxCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2022-48174busybox-binshCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2023-5363libcrypto3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2022-48174ssl_clientCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.1.171.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.41.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.41.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.40.00.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.40.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.53.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.3.7

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.7 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.7 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.7 (ubuntu 18.04)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0286libssl1.1HIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286opensslHIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.7 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.7 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.7 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.7 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2019-11253k8s.io/kubernetesHIGHv1.13.01.13.12, 1.14.8, 1.15.5, 1.16.2https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558k8s.io/kubernetesHIGHv1.13.01.18.4, 1.17.7, 1.16.11https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741k8s.io/kubernetesHIGHv1.13.01.19.15, 1.20.11, 1.21.5, 1.22.2https://avd.aquasec.com/nvd/cve-2021-25741
CVE-2023-3676k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3676
CVE-2023-3955k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3955
CVE-2023-5528k8s.io/kubernetesHIGHv1.13.01.28.4, 1.27.8, 1.26.11, 1.25.16https://avd.aquasec.com/nvd/cve-2023-5528
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.7 (alpine 3.17.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0464libcrypto3HIGH3.0.8-r03.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libcrypto3HIGH3.0.8-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-0464libssl3HIGH3.0.8-r03.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libssl3HIGH3.0.8-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.3.7 (alpine 3.18.0)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-48174busyboxCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2022-48174busybox-binshCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2023-5363libcrypto3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2022-48174ssl_clientCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.1.171.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.41.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.41.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.40.00.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.40.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.53.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.3.6

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.6 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.6 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.6 (ubuntu 18.04)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0286libssl1.1HIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286opensslHIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.6 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.6 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.6 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.6 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2019-11253k8s.io/kubernetesHIGHv1.13.01.13.12, 1.14.8, 1.15.5, 1.16.2https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558k8s.io/kubernetesHIGHv1.13.01.18.4, 1.17.7, 1.16.11https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741k8s.io/kubernetesHIGHv1.13.01.19.15, 1.20.11, 1.21.5, 1.22.2https://avd.aquasec.com/nvd/cve-2021-25741
CVE-2023-3676k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3676
CVE-2023-3955k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3955
CVE-2023-5528k8s.io/kubernetesHIGHv1.13.01.28.4, 1.27.8, 1.26.11, 1.25.16https://avd.aquasec.com/nvd/cve-2023-5528
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.6 (alpine 3.17.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0464libcrypto3HIGH3.0.8-r03.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libcrypto3HIGH3.0.8-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-0464libssl3HIGH3.0.8-r03.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libssl3HIGH3.0.8-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.3.6 (alpine 3.18.0)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-48174busyboxCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2022-48174busybox-binshCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2023-5363libcrypto3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2022-48174ssl_clientCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.1.171.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.41.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.41.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.40.00.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.40.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.53.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.3.5

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.5 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.5 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.5 (ubuntu 18.04)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0286libssl1.1HIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286opensslHIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.5 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.5 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.5 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.5 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2019-11253k8s.io/kubernetesHIGHv1.13.01.13.12, 1.14.8, 1.15.5, 1.16.2https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558k8s.io/kubernetesHIGHv1.13.01.18.4, 1.17.7, 1.16.11https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741k8s.io/kubernetesHIGHv1.13.01.19.15, 1.20.11, 1.21.5, 1.22.2https://avd.aquasec.com/nvd/cve-2021-25741
CVE-2023-3676k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3676
CVE-2023-3955k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3955
CVE-2023-5528k8s.io/kubernetesHIGHv1.13.01.28.4, 1.27.8, 1.26.11, 1.25.16https://avd.aquasec.com/nvd/cve-2023-5528
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.5 (alpine 3.17.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0464libcrypto3HIGH3.0.8-r03.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libcrypto3HIGH3.0.8-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-0464libssl3HIGH3.0.8-r03.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libssl3HIGH3.0.8-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.3.5 (alpine 3.18.0)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-48174busyboxCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2022-48174busybox-binshCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2023-5363libcrypto3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2022-48174ssl_clientCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.1.171.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.41.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.41.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.40.00.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.40.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.53.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.3.4

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.4 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.4 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.4 (ubuntu 18.04)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0286libssl1.1HIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286opensslHIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.4 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.4 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.4 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.4 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.9-r13.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2019-11253k8s.io/kubernetesHIGHv1.13.01.13.12, 1.14.8, 1.15.5, 1.16.2https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558k8s.io/kubernetesHIGHv1.13.01.18.4, 1.17.7, 1.16.11https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741k8s.io/kubernetesHIGHv1.13.01.19.15, 1.20.11, 1.21.5, 1.22.2https://avd.aquasec.com/nvd/cve-2021-25741
CVE-2023-3676k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3676
CVE-2023-3955k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3955
CVE-2023-5528k8s.io/kubernetesHIGHv1.13.01.28.4, 1.27.8, 1.26.11, 1.25.16https://avd.aquasec.com/nvd/cve-2023-5528
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.4 (alpine 3.17.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0464libcrypto3HIGH3.0.8-r03.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libcrypto3HIGH3.0.8-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-0464libssl3HIGH3.0.8-r03.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libssl3HIGH3.0.8-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.3.4 (alpine 3.18.0)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-48174busyboxCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2022-48174busybox-binshCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174
CVE-2023-5363libcrypto3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.1.0-r43.1.4-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2022-48174ssl_clientCRITICAL1.36.0-r91.36.1-r1https://avd.aquasec.com/nvd/cve-2022-48174

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.1.171.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.41.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.41.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.40.00.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.40.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.53.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.3.3

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.3 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.3 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.3 (ubuntu 18.04)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0286libssl1.1HIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286opensslHIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.3 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.3 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.3 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.3 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2019-11253k8s.io/kubernetesHIGHv1.13.01.13.12, 1.14.8, 1.15.5, 1.16.2https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558k8s.io/kubernetesHIGHv1.13.01.18.4, 1.17.7, 1.16.11https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741k8s.io/kubernetesHIGHv1.13.01.19.15, 1.20.11, 1.21.5, 1.22.2https://avd.aquasec.com/nvd/cve-2021-25741
CVE-2023-3676k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3676
CVE-2023-3955k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3955
CVE-2023-5528k8s.io/kubernetesHIGHv1.13.01.28.4, 1.27.8, 1.26.11, 1.25.16https://avd.aquasec.com/nvd/cve-2023-5528
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.3 (alpine 3.17.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0464libcrypto3HIGH3.0.8-r03.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libcrypto3HIGH3.0.8-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-0464libssl3HIGH3.0.8-r03.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libssl3HIGH3.0.8-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.3.3 (alpine 3.16.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.1.171.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.41.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.41.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.40.00.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.40.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.53.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.3.2

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.2 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.2 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.2 (ubuntu 18.04)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0286libssl1.1HIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286opensslHIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.2 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.2 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.2 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.2 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2019-11253k8s.io/kubernetesHIGHv1.13.01.13.12, 1.14.8, 1.15.5, 1.16.2https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558k8s.io/kubernetesHIGHv1.13.01.18.4, 1.17.7, 1.16.11https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741k8s.io/kubernetesHIGHv1.13.01.19.15, 1.20.11, 1.21.5, 1.22.2https://avd.aquasec.com/nvd/cve-2021-25741
CVE-2023-3676k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3676
CVE-2023-3955k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3955
CVE-2023-5528k8s.io/kubernetesHIGHv1.13.01.28.4, 1.27.8, 1.26.11, 1.25.16https://avd.aquasec.com/nvd/cve-2023-5528
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.2 (alpine 3.17.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0464libcrypto3HIGH3.0.8-r03.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libcrypto3HIGH3.0.8-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-0464libssl3HIGH3.0.8-r03.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libssl3HIGH3.0.8-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.3.2 (alpine 3.16.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.1.171.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.41.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.41.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.40.00.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.40.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.53.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.3.1

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.1 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.1 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.1 (ubuntu 18.04)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0286libssl1.1HIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286opensslHIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.1 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.1 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.1 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.1 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.8-r43.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2019-11253k8s.io/kubernetesHIGHv1.13.01.13.12, 1.14.8, 1.15.5, 1.16.2https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558k8s.io/kubernetesHIGHv1.13.01.18.4, 1.17.7, 1.16.11https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741k8s.io/kubernetesHIGHv1.13.01.19.15, 1.20.11, 1.21.5, 1.22.2https://avd.aquasec.com/nvd/cve-2021-25741
CVE-2023-3676k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3676
CVE-2023-3955k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3955
CVE-2023-5528k8s.io/kubernetesHIGHv1.13.01.28.4, 1.27.8, 1.26.11, 1.25.16https://avd.aquasec.com/nvd/cve-2023-5528
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.1 (alpine 3.17.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0464libcrypto3HIGH3.0.8-r03.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libcrypto3HIGH3.0.8-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-0464libssl3HIGH3.0.8-r03.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libssl3HIGH3.0.8-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.3.1 (alpine 3.16.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.1.171.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.41.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.41.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.40.00.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.40.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.53.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.3.0

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.0 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.8-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.8-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.0 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.8-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.8-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.0 (ubuntu 18.04)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0286libssl1.1HIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286opensslHIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.0 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.8-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.8-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.0 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.8-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.8-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.0 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.8-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.8-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.0 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-5363libcrypto3HIGH3.0.8-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-5363libssl3HIGH3.0.8-r33.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.12.31.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.12.31.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-39325golang.org/x/netHIGHv0.7.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.9.43.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2019-11253k8s.io/kubernetesHIGHv1.13.01.13.12, 1.14.8, 1.15.5, 1.16.2https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558k8s.io/kubernetesHIGHv1.13.01.18.4, 1.17.7, 1.16.11https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741k8s.io/kubernetesHIGHv1.13.01.19.15, 1.20.11, 1.21.5, 1.22.2https://avd.aquasec.com/nvd/cve-2021-25741
CVE-2023-3676k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3676
CVE-2023-3955k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3955
CVE-2023-5528k8s.io/kubernetesHIGHv1.13.01.28.4, 1.27.8, 1.26.11, 1.25.16https://avd.aquasec.com/nvd/cve-2023-5528
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.0 (alpine 3.17.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0464libcrypto3HIGH3.0.8-r03.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libcrypto3HIGH3.0.8-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-0464libssl3HIGH3.0.8-r03.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libssl3HIGH3.0.8-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.3.0 (alpine 3.16.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv23.0.1+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv23.0.1+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.1.171.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.41.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.41.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.181.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.40.00.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.40.00.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2023-39325golang.org/x/netHIGHv0.8.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.53.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Latest 2.2.x gloo mesh enterprise Release: 2.2.9

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.2.9 (alpine 3.16.2)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.16+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv20.10.16+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2022-41723golang.org/x/netHIGHv0.5.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.5.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.8.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.2.9 (alpine 3.16.2)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.16+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv20.10.16+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2022-41723golang.org/x/netHIGHv0.5.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.5.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.8.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.2.9 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

No scan found

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.2.9 (alpine 3.16.2)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.16+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv20.10.16+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
CVE-2022-41723golang.org/x/netHIGHv0.5.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.5.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.8.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.2.9 (alpine 3.16.2)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-41723golang.org/x/netHIGHv0.5.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.5.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.2.9 (alpine 3.16.2)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.16+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv20.10.16+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2022-41723golang.org/x/netHIGHv0.5.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.5.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.8.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-3676k8s.io/kubernetesHIGHv1.23.71.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3676
CVE-2023-3955k8s.io/kubernetesHIGHv1.23.71.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3955
CVE-2023-5528k8s.io/kubernetesHIGHv1.23.71.28.4, 1.27.8, 1.26.11, 1.25.16https://avd.aquasec.com/nvd/cve-2023-5528
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.2.9 (alpine 3.17.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0464libcrypto3HIGH3.0.8-r03.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libcrypto3HIGH3.0.8-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-0464libssl3HIGH3.0.8-r03.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libssl3HIGH3.0.8-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.2.9 (alpine 3.16.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.21+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv20.10.21+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.1.171.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.41.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.41.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.151.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.36.40.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.36.40.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2022-41723golang.org/x/netHIGHv0.3.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.3.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.51.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.2.8

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.2.8 (alpine 3.16.2)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.16+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv20.10.16+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2022-41723golang.org/x/netHIGHv0.5.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.5.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.8.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.2.8 (alpine 3.16.2)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-41723golang.org/x/netHIGHv0.5.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.5.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.2.8 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

No scan found

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.2.8 (alpine 3.16.2)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.16+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv20.10.16+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
CVE-2022-41723golang.org/x/netHIGHv0.5.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.5.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.8.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.2.8 (alpine 3.16.2)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-41723golang.org/x/netHIGHv0.5.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.5.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.2.8 (alpine 3.16.2)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.16+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv20.10.16+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2022-41723golang.org/x/netHIGHv0.5.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.5.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.8.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-3676k8s.io/kubernetesHIGHv1.23.71.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3676
CVE-2023-3955k8s.io/kubernetesHIGHv1.23.71.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3955
CVE-2023-5528k8s.io/kubernetesHIGHv1.23.71.28.4, 1.27.8, 1.26.11, 1.25.16https://avd.aquasec.com/nvd/cve-2023-5528
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.2.8 (alpine 3.17.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0464libcrypto3HIGH3.0.8-r03.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libcrypto3HIGH3.0.8-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-0464libssl3HIGH3.0.8-r03.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libssl3HIGH3.0.8-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.2.8 (alpine 3.16.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.21+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv20.10.21+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.1.171.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.41.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.41.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.151.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.36.40.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.36.40.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2022-41723golang.org/x/netHIGHv0.3.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.3.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.51.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.2.7

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.2.7 (alpine 3.16.2)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.16+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv20.10.16+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2022-41723golang.org/x/netHIGHv0.5.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.5.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.8.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.2.7 (alpine 3.16.2)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-41723golang.org/x/netHIGHv0.5.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.5.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.2.7 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

No scan found

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.2.7 (alpine 3.16.2)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.16+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv20.10.16+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
CVE-2022-41723golang.org/x/netHIGHv0.5.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.5.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.8.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.2.7 (alpine 3.16.2)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-41723golang.org/x/netHIGHv0.5.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.5.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.2.7 (alpine 3.16.2)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.16+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv20.10.16+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2022-41723golang.org/x/netHIGHv0.5.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.5.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.8.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-3676k8s.io/kubernetesHIGHv1.23.71.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3676
CVE-2023-3955k8s.io/kubernetesHIGHv1.23.71.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3955
CVE-2023-5528k8s.io/kubernetesHIGHv1.23.71.28.4, 1.27.8, 1.26.11, 1.25.16https://avd.aquasec.com/nvd/cve-2023-5528
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.2.7 (alpine 3.17.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0464libcrypto3HIGH3.0.8-r03.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libcrypto3HIGH3.0.8-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-0464libssl3HIGH3.0.8-r03.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libssl3HIGH3.0.8-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.2.7 (alpine 3.16.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.21+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv20.10.21+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.1.171.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.41.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.41.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.151.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.36.40.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.36.40.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2022-41723golang.org/x/netHIGHv0.3.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.3.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.51.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.2.6

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.2.6 (alpine 3.16.2)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.16+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv20.10.16+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
CVE-2022-37315github.com/graphql-go/graphqlHIGHv0.8.00.8.1https://avd.aquasec.com/nvd/cve-2022-37315
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2022-41723golang.org/x/netHIGHv0.5.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.5.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.8.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.2.6 (alpine 3.16.2)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-41723golang.org/x/netHIGHv0.5.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.5.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.2.6 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

No scan found

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.2.6 (alpine 3.16.2)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.16+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv20.10.16+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
CVE-2022-41723golang.org/x/netHIGHv0.5.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.5.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.8.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.2.6 (alpine 3.16.2)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-41723golang.org/x/netHIGHv0.5.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.5.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.2.6 (alpine 3.16.2)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.16+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv20.10.16+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
CVE-2022-37315github.com/graphql-go/graphqlHIGHv0.8.00.8.1https://avd.aquasec.com/nvd/cve-2022-37315
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2022-41723golang.org/x/netHIGHv0.5.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.5.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.8.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-3676k8s.io/kubernetesHIGHv1.23.71.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3676
CVE-2023-3955k8s.io/kubernetesHIGHv1.23.71.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3955
CVE-2023-5528k8s.io/kubernetesHIGHv1.23.71.28.4, 1.27.8, 1.26.11, 1.25.16https://avd.aquasec.com/nvd/cve-2023-5528
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.2.6 (alpine 3.17.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0464libcrypto3HIGH3.0.8-r03.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libcrypto3HIGH3.0.8-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-0464libssl3HIGH3.0.8-r03.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libssl3HIGH3.0.8-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

gloo mesh enterprise gloo-otel-controller image

No scan found

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.2.6 (alpine 3.16.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.21+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv20.10.21+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.1.171.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.41.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.41.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.151.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.36.40.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.36.40.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2022-41723golang.org/x/netHIGHv0.3.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.3.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.51.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.71.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2023-24534stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.71.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.71.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.71.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.71.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.71.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.71.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.71.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.71.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.2.5

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.2.5 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0464libcrypto1.1HIGH1.1.1t-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-0464libssl1.1HIGH1.1.1t-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2022-37315github.com/graphql-go/graphqlHIGHv0.8.00.8.1https://avd.aquasec.com/nvd/cve-2022-37315
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2022-41723golang.org/x/netHIGHv0.5.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.5.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.8.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.41.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2022-41722stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.41.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.41.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.41.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.41.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.41.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.2.5 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0464libcrypto1.1HIGH1.1.1t-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-0464libssl1.1HIGH1.1.1t-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-41723golang.org/x/netHIGHv0.5.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.5.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.41.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2022-41722stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.41.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.41.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.41.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.41.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.41.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.2.5 (ubuntu 18.04)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0286libssl1.1HIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286opensslHIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

No scan found

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.2.5 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0464libcrypto1.1HIGH1.1.1t-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-0464libssl1.1HIGH1.1.1t-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2022-41723golang.org/x/netHIGHv0.5.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.5.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.8.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.41.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2022-41722stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.41.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.41.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.41.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.41.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.41.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.2.5 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0464libcrypto1.1HIGH1.1.1t-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-0464libssl1.1HIGH1.1.1t-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-41723golang.org/x/netHIGHv0.5.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.5.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.41.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2022-41722stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.41.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.41.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.41.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.41.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.41.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.2.5 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0464libcrypto1.1HIGH1.1.1t-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-0464libssl1.1HIGH1.1.1t-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2022-37315github.com/graphql-go/graphqlHIGHv0.8.00.8.1https://avd.aquasec.com/nvd/cve-2022-37315
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2022-41723golang.org/x/netHIGHv0.5.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.5.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.52.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.8.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2019-11253k8s.io/kubernetesHIGHv1.13.01.13.12, 1.14.8, 1.15.5, 1.16.2https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558k8s.io/kubernetesHIGHv1.13.01.18.4, 1.17.7, 1.16.11https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741k8s.io/kubernetesHIGHv1.13.01.19.15, 1.20.11, 1.21.5, 1.22.2https://avd.aquasec.com/nvd/cve-2021-25741
CVE-2023-3676k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3676
CVE-2023-3955k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3955
CVE-2023-5528k8s.io/kubernetesHIGHv1.13.01.28.4, 1.27.8, 1.26.11, 1.25.16https://avd.aquasec.com/nvd/cve-2023-5528
CVE-2023-24538stdlibCRITICAL1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.41.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2022-41722stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.41.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.41.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.41.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.41.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.41.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.2.5 (alpine 3.17.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0464libcrypto3HIGH3.0.8-r03.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libcrypto3HIGH3.0.8-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2023-0464libssl3HIGH3.0.8-r03.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libssl3HIGH3.0.8-r03.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.2.5 (alpine 3.16.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.21+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv20.10.21+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.1.171.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.41.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.41.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.151.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.36.40.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.36.40.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2022-41723golang.org/x/netHIGHv0.3.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.3.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.51.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.18.51.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.18.51.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.18.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2022-27664stdlibHIGH1.18.51.18.6, 1.19.1https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-2879stdlibHIGH1.18.51.18.7, 1.19.2https://avd.aquasec.com/nvd/cve-2022-2879
CVE-2022-2880stdlibHIGH1.18.51.18.7, 1.19.2https://avd.aquasec.com/nvd/cve-2022-2880
CVE-2022-41715stdlibHIGH1.18.51.18.7, 1.19.2https://avd.aquasec.com/nvd/cve-2022-41715
CVE-2022-41716stdlibHIGH1.18.51.18.8, 1.19.3https://avd.aquasec.com/nvd/cve-2022-41716
CVE-2022-41720stdlibHIGH1.18.51.18.9, 1.19.4https://avd.aquasec.com/nvd/cve-2022-41720
CVE-2022-41722stdlibHIGH1.18.51.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723stdlibHIGH1.18.51.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724stdlibHIGH1.18.51.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725stdlibHIGH1.18.51.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534stdlibHIGH1.18.51.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.18.51.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.18.51.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.18.51.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.18.51.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.18.51.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.18.51.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.18.51.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.18.51.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.18.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.18.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.2.4

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.2.4 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0464libcrypto1.1HIGH1.1.1t-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-0464libssl1.1HIGH1.1.1t-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2022-37315github.com/graphql-go/graphqlHIGHv0.8.00.8.1https://avd.aquasec.com/nvd/cve-2022-37315
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2022-41723golang.org/x/netHIGHv0.5.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.5.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.8.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.41.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2022-41722stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.41.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.41.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.41.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.41.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.41.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.2.4 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0464libcrypto1.1HIGH1.1.1t-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-0464libssl1.1HIGH1.1.1t-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-41723golang.org/x/netHIGHv0.5.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.5.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.41.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2022-41722stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.41.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.41.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.41.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.41.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.41.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.2.4 (ubuntu 18.04)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0286libssl1.1HIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286opensslHIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

No scan found

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.2.4 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0464libcrypto1.1HIGH1.1.1t-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-0464libssl1.1HIGH1.1.1t-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2022-41723golang.org/x/netHIGHv0.5.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.5.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.8.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.41.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2022-41722stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.41.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.41.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.41.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.41.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.41.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.2.4 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0464libcrypto1.1HIGH1.1.1t-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-0464libssl1.1HIGH1.1.1t-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-41723golang.org/x/netHIGHv0.5.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.5.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.41.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2022-41722stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.41.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.41.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.41.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.41.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.41.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.2.4 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0464libcrypto1.1HIGH1.1.1t-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-0464libssl1.1HIGH1.1.1t-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2022-37315github.com/graphql-go/graphqlHIGHv0.8.00.8.1https://avd.aquasec.com/nvd/cve-2022-37315
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2022-41723golang.org/x/netHIGHv0.5.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.5.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.8.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2019-11253k8s.io/kubernetesHIGHv1.13.01.13.12, 1.14.8, 1.15.5, 1.16.2https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558k8s.io/kubernetesHIGHv1.13.01.18.4, 1.17.7, 1.16.11https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741k8s.io/kubernetesHIGHv1.13.01.19.15, 1.20.11, 1.21.5, 1.22.2https://avd.aquasec.com/nvd/cve-2021-25741
CVE-2023-3676k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3676
CVE-2023-3955k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3955
CVE-2023-5528k8s.io/kubernetesHIGHv1.13.01.28.4, 1.27.8, 1.26.11, 1.25.16https://avd.aquasec.com/nvd/cve-2023-5528
CVE-2023-24538stdlibCRITICAL1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.41.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2022-41722stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.41.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.41.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.41.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.41.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.41.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.2.4 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0216libcrypto3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0216
CVE-2023-0217libcrypto3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0217
CVE-2023-0286libcrypto3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0401libcrypto3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0401
CVE-2023-0464libcrypto3HIGH3.0.7-r23.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libcrypto3HIGH3.0.7-r23.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2022-4450libssl3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0216libssl3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0216
CVE-2023-0217libssl3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0217
CVE-2023-0286libssl3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0401libssl3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0401
CVE-2023-0464libssl3HIGH3.0.7-r23.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libssl3HIGH3.0.7-r23.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.2.4 (alpine 3.16.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.21+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv20.10.21+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.1.171.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.41.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.41.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.151.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.36.40.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.36.40.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2022-41723golang.org/x/netHIGHv0.3.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.3.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.51.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.18.51.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.18.51.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.18.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2022-27664stdlibHIGH1.18.51.18.6, 1.19.1https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-2879stdlibHIGH1.18.51.18.7, 1.19.2https://avd.aquasec.com/nvd/cve-2022-2879
CVE-2022-2880stdlibHIGH1.18.51.18.7, 1.19.2https://avd.aquasec.com/nvd/cve-2022-2880
CVE-2022-41715stdlibHIGH1.18.51.18.7, 1.19.2https://avd.aquasec.com/nvd/cve-2022-41715
CVE-2022-41716stdlibHIGH1.18.51.18.8, 1.19.3https://avd.aquasec.com/nvd/cve-2022-41716
CVE-2022-41720stdlibHIGH1.18.51.18.9, 1.19.4https://avd.aquasec.com/nvd/cve-2022-41720
CVE-2022-41722stdlibHIGH1.18.51.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723stdlibHIGH1.18.51.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724stdlibHIGH1.18.51.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725stdlibHIGH1.18.51.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534stdlibHIGH1.18.51.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.18.51.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.18.51.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.18.51.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.18.51.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.18.51.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.18.51.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.18.51.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.18.51.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.18.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.18.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.2.3

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.2.3 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0464libcrypto1.1HIGH1.1.1t-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-0464libssl1.1HIGH1.1.1t-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2022-37315github.com/graphql-go/graphqlHIGHv0.8.00.8.1https://avd.aquasec.com/nvd/cve-2022-37315
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2022-41723golang.org/x/netHIGHv0.5.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.5.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.8.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.41.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2022-41722stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.41.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.41.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.41.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.41.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.41.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.2.3 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0464libcrypto1.1HIGH1.1.1t-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-0464libssl1.1HIGH1.1.1t-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-41723golang.org/x/netHIGHv0.5.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.5.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.41.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2022-41722stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.41.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.41.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.41.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.41.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.41.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.2.3 (ubuntu 18.04)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0286libssl1.1HIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286opensslHIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

No scan found

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.2.3 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0464libcrypto1.1HIGH1.1.1t-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-0464libssl1.1HIGH1.1.1t-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2022-41723golang.org/x/netHIGHv0.5.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.5.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.8.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.41.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2022-41722stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.41.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.41.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.41.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.41.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.41.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.2.3 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0464libcrypto1.1HIGH1.1.1t-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-0464libssl1.1HIGH1.1.1t-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-41723golang.org/x/netHIGHv0.5.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.5.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.41.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2022-41722stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.41.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.41.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.41.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.41.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.41.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.2.3 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0464libcrypto1.1HIGH1.1.1t-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-0464libssl1.1HIGH1.1.1t-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2022-37315github.com/graphql-go/graphqlHIGHv0.8.00.8.1https://avd.aquasec.com/nvd/cve-2022-37315
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2022-41723golang.org/x/netHIGHv0.5.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.5.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.8.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2019-11253k8s.io/kubernetesHIGHv1.13.01.13.12, 1.14.8, 1.15.5, 1.16.2https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558k8s.io/kubernetesHIGHv1.13.01.18.4, 1.17.7, 1.16.11https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741k8s.io/kubernetesHIGHv1.13.01.19.15, 1.20.11, 1.21.5, 1.22.2https://avd.aquasec.com/nvd/cve-2021-25741
CVE-2023-3676k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3676
CVE-2023-3955k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3955
CVE-2023-5528k8s.io/kubernetesHIGHv1.13.01.28.4, 1.27.8, 1.26.11, 1.25.16https://avd.aquasec.com/nvd/cve-2023-5528
CVE-2023-24538stdlibCRITICAL1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.41.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2022-41722stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.41.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.41.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.41.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.41.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.41.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.2.3 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0216libcrypto3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0216
CVE-2023-0217libcrypto3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0217
CVE-2023-0286libcrypto3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0401libcrypto3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0401
CVE-2023-0464libcrypto3HIGH3.0.7-r23.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libcrypto3HIGH3.0.7-r23.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2022-4450libssl3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0216libssl3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0216
CVE-2023-0217libssl3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0217
CVE-2023-0286libssl3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0401libssl3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0401
CVE-2023-0464libssl3HIGH3.0.7-r23.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libssl3HIGH3.0.7-r23.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.2.3 (alpine 3.16.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.21+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv20.10.21+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.1.171.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.41.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.41.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.151.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.36.40.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.36.40.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2022-41723golang.org/x/netHIGHv0.3.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.3.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.51.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.18.51.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.18.51.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.18.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2022-27664stdlibHIGH1.18.51.18.6, 1.19.1https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-2879stdlibHIGH1.18.51.18.7, 1.19.2https://avd.aquasec.com/nvd/cve-2022-2879
CVE-2022-2880stdlibHIGH1.18.51.18.7, 1.19.2https://avd.aquasec.com/nvd/cve-2022-2880
CVE-2022-41715stdlibHIGH1.18.51.18.7, 1.19.2https://avd.aquasec.com/nvd/cve-2022-41715
CVE-2022-41716stdlibHIGH1.18.51.18.8, 1.19.3https://avd.aquasec.com/nvd/cve-2022-41716
CVE-2022-41720stdlibHIGH1.18.51.18.9, 1.19.4https://avd.aquasec.com/nvd/cve-2022-41720
CVE-2022-41722stdlibHIGH1.18.51.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723stdlibHIGH1.18.51.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724stdlibHIGH1.18.51.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725stdlibHIGH1.18.51.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534stdlibHIGH1.18.51.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.18.51.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.18.51.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.18.51.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.18.51.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.18.51.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.18.51.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.18.51.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.18.51.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.18.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.18.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.2.2

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.2.2 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2022-37315github.com/graphql-go/graphqlHIGHv0.8.00.8.1https://avd.aquasec.com/nvd/cve-2022-37315
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.8.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.41.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2022-41722stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.41.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.41.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.41.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.41.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.41.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.2.2 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.41.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2022-41722stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.41.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.41.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.41.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.41.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.41.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.2.2 (ubuntu 18.04)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0286libssl1.1HIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286opensslHIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

No scan found

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.2.2 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.8.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.41.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2022-41722stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.41.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.41.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.41.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.41.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.41.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.2.2 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.41.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2022-41722stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.41.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.41.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.41.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.41.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.41.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.2.2 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2022-37315github.com/graphql-go/graphqlHIGHv0.8.00.8.1https://avd.aquasec.com/nvd/cve-2022-37315
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.8.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2019-11253k8s.io/kubernetesHIGHv1.13.01.13.12, 1.14.8, 1.15.5, 1.16.2https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558k8s.io/kubernetesHIGHv1.13.01.18.4, 1.17.7, 1.16.11https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741k8s.io/kubernetesHIGHv1.13.01.19.15, 1.20.11, 1.21.5, 1.22.2https://avd.aquasec.com/nvd/cve-2021-25741
CVE-2023-3676k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3676
CVE-2023-3955k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3955
CVE-2023-5528k8s.io/kubernetesHIGHv1.13.01.28.4, 1.27.8, 1.26.11, 1.25.16https://avd.aquasec.com/nvd/cve-2023-5528
CVE-2023-24538stdlibCRITICAL1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.41.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2022-41722stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.41.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.41.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.41.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.41.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.41.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.2.2 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0216libcrypto3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0216
CVE-2023-0217libcrypto3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0217
CVE-2023-0286libcrypto3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0401libcrypto3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0401
CVE-2023-0464libcrypto3HIGH3.0.7-r23.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libcrypto3HIGH3.0.7-r23.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2022-4450libssl3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0216libssl3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0216
CVE-2023-0217libssl3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0217
CVE-2023-0286libssl3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0401libssl3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0401
CVE-2023-0464libssl3HIGH3.0.7-r23.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libssl3HIGH3.0.7-r23.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.2.2 (alpine 3.16.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.21+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv20.10.21+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.1.171.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.41.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.41.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.151.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.36.40.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.36.40.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2022-41723golang.org/x/netHIGHv0.3.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.3.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.51.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.18.51.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.18.51.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.18.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2022-27664stdlibHIGH1.18.51.18.6, 1.19.1https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-2879stdlibHIGH1.18.51.18.7, 1.19.2https://avd.aquasec.com/nvd/cve-2022-2879
CVE-2022-2880stdlibHIGH1.18.51.18.7, 1.19.2https://avd.aquasec.com/nvd/cve-2022-2880
CVE-2022-41715stdlibHIGH1.18.51.18.7, 1.19.2https://avd.aquasec.com/nvd/cve-2022-41715
CVE-2022-41716stdlibHIGH1.18.51.18.8, 1.19.3https://avd.aquasec.com/nvd/cve-2022-41716
CVE-2022-41720stdlibHIGH1.18.51.18.9, 1.19.4https://avd.aquasec.com/nvd/cve-2022-41720
CVE-2022-41722stdlibHIGH1.18.51.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723stdlibHIGH1.18.51.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724stdlibHIGH1.18.51.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725stdlibHIGH1.18.51.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534stdlibHIGH1.18.51.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.18.51.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.18.51.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.18.51.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.18.51.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.18.51.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.18.51.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.18.51.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.18.51.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.18.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.18.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.2.1

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.2.1 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2022-37315github.com/graphql-go/graphqlHIGHv0.8.00.8.1https://avd.aquasec.com/nvd/cve-2022-37315
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.8.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.41.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2022-41722stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.41.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.41.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.41.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.41.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.41.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.2.1 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.41.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2022-41722stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.41.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.41.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.41.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.41.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.41.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.2.1 (ubuntu 18.04)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0286libssl1.1HIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286opensslHIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

No scan found

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.2.1 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.8.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.41.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2022-41722stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.41.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.41.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.41.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.41.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.41.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.2.1 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.41.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2022-41722stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.41.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.41.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.41.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.41.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.41.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.2.1 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2022-37315github.com/graphql-go/graphqlHIGHv0.8.00.8.1https://avd.aquasec.com/nvd/cve-2022-37315
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.8.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2019-11253k8s.io/kubernetesHIGHv1.13.01.13.12, 1.14.8, 1.15.5, 1.16.2https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558k8s.io/kubernetesHIGHv1.13.01.18.4, 1.17.7, 1.16.11https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741k8s.io/kubernetesHIGHv1.13.01.19.15, 1.20.11, 1.21.5, 1.22.2https://avd.aquasec.com/nvd/cve-2021-25741
CVE-2023-3676k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3676
CVE-2023-3955k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3955
CVE-2023-5528k8s.io/kubernetesHIGHv1.13.01.28.4, 1.27.8, 1.26.11, 1.25.16https://avd.aquasec.com/nvd/cve-2023-5528
CVE-2023-24538stdlibCRITICAL1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.41.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2022-41722stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.41.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.41.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.41.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.41.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.41.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.2.1 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0216libcrypto3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0216
CVE-2023-0217libcrypto3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0217
CVE-2023-0286libcrypto3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0401libcrypto3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0401
CVE-2023-0464libcrypto3HIGH3.0.7-r23.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libcrypto3HIGH3.0.7-r23.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2022-4450libssl3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0216libssl3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0216
CVE-2023-0217libssl3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0217
CVE-2023-0286libssl3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0401libssl3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0401
CVE-2023-0464libssl3HIGH3.0.7-r23.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libssl3HIGH3.0.7-r23.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.2.1 (alpine 3.16.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.21+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv20.10.21+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.1.171.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.41.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.41.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.151.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.36.40.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.36.40.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2022-41723golang.org/x/netHIGHv0.3.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.3.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.51.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.18.51.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.18.51.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.18.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2022-27664stdlibHIGH1.18.51.18.6, 1.19.1https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-2879stdlibHIGH1.18.51.18.7, 1.19.2https://avd.aquasec.com/nvd/cve-2022-2879
CVE-2022-2880stdlibHIGH1.18.51.18.7, 1.19.2https://avd.aquasec.com/nvd/cve-2022-2880
CVE-2022-41715stdlibHIGH1.18.51.18.7, 1.19.2https://avd.aquasec.com/nvd/cve-2022-41715
CVE-2022-41716stdlibHIGH1.18.51.18.8, 1.19.3https://avd.aquasec.com/nvd/cve-2022-41716
CVE-2022-41720stdlibHIGH1.18.51.18.9, 1.19.4https://avd.aquasec.com/nvd/cve-2022-41720
CVE-2022-41722stdlibHIGH1.18.51.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723stdlibHIGH1.18.51.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724stdlibHIGH1.18.51.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725stdlibHIGH1.18.51.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534stdlibHIGH1.18.51.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.18.51.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.18.51.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.18.51.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.18.51.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.18.51.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.18.51.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.18.51.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.18.51.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.18.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.18.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.2.0

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.2.0 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2022-37315github.com/graphql-go/graphqlHIGHv0.8.00.8.1https://avd.aquasec.com/nvd/cve-2022-37315
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.8.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.41.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2022-41722stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.41.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.41.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.41.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.41.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.41.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.2.0 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.41.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2022-41722stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.41.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.41.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.41.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.41.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.41.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.2.0 (ubuntu 18.04)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0286libssl1.1HIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286opensslHIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

No scan found

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.2.0 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.8.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2023-24538stdlibCRITICAL1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.41.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2022-41722stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.41.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.41.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.41.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.41.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.41.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.2.0 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.41.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2022-41722stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.41.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.41.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.41.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.41.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.41.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.2.0 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2024-28860github.com/cilium/ciliumHIGHv1.11.51.13.14, 1.14.9, 1.15.3https://avd.aquasec.com/nvd/cve-2024-28860
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2022-37315github.com/graphql-go/graphqlHIGHv0.8.00.8.1https://avd.aquasec.com/nvd/cve-2022-37315
CVE-2024-27289github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2https://avd.aquasec.com/nvd/cve-2024-27289
CVE-2024-27304github.com/jackc/pgxHIGHv3.6.2+incompatible4.18.2, 5.5.4https://avd.aquasec.com/nvd/cve-2024-27304
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.21.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.21.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2024-26147helm.sh/helm/v3HIGHv3.8.23.14.2https://avd.aquasec.com/nvd/cve-2024-26147
CVE-2019-11253k8s.io/kubernetesHIGHv1.13.01.13.12, 1.14.8, 1.15.5, 1.16.2https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558k8s.io/kubernetesHIGHv1.13.01.18.4, 1.17.7, 1.16.11https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741k8s.io/kubernetesHIGHv1.13.01.19.15, 1.20.11, 1.21.5, 1.22.2https://avd.aquasec.com/nvd/cve-2021-25741
CVE-2023-3676k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3676
CVE-2023-3955k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3955
CVE-2023-5528k8s.io/kubernetesHIGHv1.13.01.28.4, 1.27.8, 1.26.11, 1.25.16https://avd.aquasec.com/nvd/cve-2023-5528
CVE-2023-24538stdlibCRITICAL1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.19.41.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2022-41722stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725stdlibHIGH1.19.41.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.19.41.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.19.41.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.19.41.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.19.41.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.19.41.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.19.41.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.19.41.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.19.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.2.0 (alpine 3.16.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-23914curlCRITICAL7.83.1-r47.83.1-r6https://avd.aquasec.com/nvd/cve-2023-23914
CVE-2023-38545curlCRITICAL7.83.1-r48.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2022-43551curlHIGH7.83.1-r47.83.1-r5https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-27533curlHIGH7.83.1-r48.0.1-r0https://avd.aquasec.com/nvd/cve-2023-27533
CVE-2023-27534curlHIGH7.83.1-r48.0.1-r0https://avd.aquasec.com/nvd/cve-2023-27534
CVE-2023-28319curlHIGH7.83.1-r48.1.0-r0https://avd.aquasec.com/nvd/cve-2023-28319
CVE-2023-38039curlHIGH7.83.1-r48.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-23914libcurlCRITICAL7.83.1-r47.83.1-r6https://avd.aquasec.com/nvd/cve-2023-23914
CVE-2023-38545libcurlCRITICAL7.83.1-r48.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2022-43551libcurlHIGH7.83.1-r47.83.1-r5https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-27533libcurlHIGH7.83.1-r48.0.1-r0https://avd.aquasec.com/nvd/cve-2023-27533
CVE-2023-27534libcurlHIGH7.83.1-r48.0.1-r0https://avd.aquasec.com/nvd/cve-2023-27534
CVE-2023-28319libcurlHIGH7.83.1-r48.1.0-r0https://avd.aquasec.com/nvd/cve-2023-28319
CVE-2023-38039libcurlHIGH7.83.1-r48.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-1999libwebpHIGH1.2.3-r01.2.3-r1https://avd.aquasec.com/nvd/cve-2023-1999
CVE-2023-4863libwebpHIGH1.2.3-r01.2.3-r2https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2023-29491ncurses-libsHIGH6.3_p20220521-r06.3_p20220521-r1https://avd.aquasec.com/nvd/cve-2023-29491
CVE-2023-29491ncurses-terminfo-baseHIGH6.3_p20220521-r06.3_p20220521-r1https://avd.aquasec.com/nvd/cve-2023-29491
CVE-2023-35945nghttp2-libsHIGH1.47.0-r01.47.0-r1https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487nghttp2-libsHIGH1.47.0-r01.47.0-r2https://avd.aquasec.com/nvd/cve-2023-44487
CVE-2022-41409pcre2HIGH10.40-r010.42-r0https://avd.aquasec.com/nvd/cve-2022-41409

gloo mesh enterprise gloo-otel-collector image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-otel-collector:2.2.0 (alpine 3.16.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for gloo-otel-collector

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-2253github.com/docker/distributionHIGHv2.8.1+incompatible2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2024-41110github.com/docker/dockerCRITICALv20.10.21+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2023-28840github.com/docker/dockerHIGHv20.10.21+incompatible20.10.24, 23.0.3https://avd.aquasec.com/nvd/cve-2023-28840
GHSA-87m9-rv8p-rgmggithub.com/mostynb/go-grpc-compressionHIGHv1.1.171.2.3https://github.com/advisories/GHSA-87m9-rv8p-rgmg
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.41.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2024-21626github.com/opencontainers/runcHIGHv1.1.41.1.12https://avd.aquasec.com/nvd/cve-2024-21626
CVE-2023-34231github.com/snowflakedb/gosnowflakeHIGHv1.6.151.6.19https://avd.aquasec.com/nvd/cve-2023-34231
CVE-2023-47108go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpcHIGHv0.36.40.46.0https://avd.aquasec.com/nvd/cve-2023-47108
CVE-2023-45142go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpHIGHv0.36.40.44.0https://avd.aquasec.com/nvd/cve-2023-45142
CVE-2022-41723golang.org/x/netHIGHv0.3.00.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.3.00.17.0https://avd.aquasec.com/nvd/cve-2023-39325
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.51.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2023-24538stdlibCRITICAL1.18.51.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24538
CVE-2023-24540stdlibCRITICAL1.18.51.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24540
CVE-2024-24790stdlibCRITICAL1.18.51.21.11, 1.22.4https://avd.aquasec.com/nvd/cve-2024-24790
CVE-2022-27664stdlibHIGH1.18.51.18.6, 1.19.1https://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-2879stdlibHIGH1.18.51.18.7, 1.19.2https://avd.aquasec.com/nvd/cve-2022-2879
CVE-2022-2880stdlibHIGH1.18.51.18.7, 1.19.2https://avd.aquasec.com/nvd/cve-2022-2880
CVE-2022-41715stdlibHIGH1.18.51.18.7, 1.19.2https://avd.aquasec.com/nvd/cve-2022-41715
CVE-2022-41716stdlibHIGH1.18.51.18.8, 1.19.3https://avd.aquasec.com/nvd/cve-2022-41716
CVE-2022-41720stdlibHIGH1.18.51.18.9, 1.19.4https://avd.aquasec.com/nvd/cve-2022-41720
CVE-2022-41722stdlibHIGH1.18.51.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41722
CVE-2022-41723stdlibHIGH1.18.51.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2022-41724stdlibHIGH1.18.51.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41724
CVE-2022-41725stdlibHIGH1.18.51.19.6, 1.20.1https://avd.aquasec.com/nvd/cve-2022-41725
CVE-2023-24534stdlibHIGH1.18.51.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24534
CVE-2023-24536stdlibHIGH1.18.51.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24536
CVE-2023-24537stdlibHIGH1.18.51.19.8, 1.20.3https://avd.aquasec.com/nvd/cve-2023-24537
CVE-2023-24539stdlibHIGH1.18.51.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-24539
CVE-2023-29400stdlibHIGH1.18.51.19.9, 1.20.4https://avd.aquasec.com/nvd/cve-2023-29400
CVE-2023-29403stdlibHIGH1.18.51.19.10, 1.20.5https://avd.aquasec.com/nvd/cve-2023-29403
CVE-2023-39325stdlibHIGH1.18.51.20.10, 1.21.3https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2023-45283stdlibHIGH1.18.51.20.11, 1.21.4, 1.20.12, 1.21.5https://avd.aquasec.com/nvd/cve-2023-45283
CVE-2023-45287stdlibHIGH1.18.51.20.0https://avd.aquasec.com/nvd/cve-2023-45287
CVE-2023-45288stdlibHIGH1.18.51.21.9, 1.22.2https://avd.aquasec.com/nvd/cve-2023-45288
CVE-2024-34156stdlibHIGH1.18.51.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-insights image

No scan found

Latest 2.1.x gloo mesh enterprise Release: 2.1.5

Latest 2.1.x gloo mesh enterprise Release: 2.1.5

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.1.5 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2022-37315github.com/graphql-go/graphqlHIGHv0.8.00.8.1https://avd.aquasec.com/nvd/cve-2022-37315
CVE-2014-9356github.com/moby/mobyHIGHv0.7.3-0.20190826074503-38ab9da003091.3.3https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.11.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2019-14993istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.1.5 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2019-14993istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.1.5 (ubuntu 18.04)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0286libssl1.1HIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286opensslHIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

No scan found

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.1.5 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2014-9356github.com/moby/mobyHIGHv0.7.3-0.20190826074503-38ab9da003091.3.3https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.11.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2019-14993istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.1.5 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2019-14993istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.1.5 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2022-37315github.com/graphql-go/graphqlHIGHv0.8.00.8.1https://avd.aquasec.com/nvd/cve-2022-37315
CVE-2014-9356github.com/moby/mobyHIGHv0.7.3-0.20190826074503-38ab9da003091.3.3https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.11.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2019-14993istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253k8s.io/kubernetesHIGHv1.13.01.13.12, 1.14.8, 1.15.5, 1.16.2https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558k8s.io/kubernetesHIGHv1.13.01.18.4, 1.17.7, 1.16.11https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741k8s.io/kubernetesHIGHv1.13.01.19.15, 1.20.11, 1.21.5, 1.22.2https://avd.aquasec.com/nvd/cve-2021-25741
CVE-2023-3676k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3676
CVE-2023-3955k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3955
CVE-2023-5528k8s.io/kubernetesHIGHv1.13.01.28.4, 1.27.8, 1.26.11, 1.25.16https://avd.aquasec.com/nvd/cve-2023-5528

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.1.5 (alpine 3.17.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0216libcrypto3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0216
CVE-2023-0217libcrypto3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0217
CVE-2023-0286libcrypto3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0401libcrypto3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0401
CVE-2023-0464libcrypto3HIGH3.0.7-r23.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libcrypto3HIGH3.0.7-r23.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363
CVE-2022-4450libssl3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0216libssl3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0216
CVE-2023-0217libssl3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0217
CVE-2023-0286libssl3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0401libssl3HIGH3.0.7-r23.0.8-r0https://avd.aquasec.com/nvd/cve-2023-0401
CVE-2023-0464libssl3HIGH3.0.7-r23.0.8-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-5363libssl3HIGH3.0.7-r23.0.12-r0https://avd.aquasec.com/nvd/cve-2023-5363

gloo mesh enterprise gloo-otel-collector image

No scan found

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.1.4

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.1.4 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2022-37315github.com/graphql-go/graphqlHIGHv0.8.00.8.1https://avd.aquasec.com/nvd/cve-2022-37315
CVE-2014-9356github.com/moby/mobyHIGHv0.7.3-0.20190826074503-38ab9da003091.3.3https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.11.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2019-14993istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.1.4 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2019-14993istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.1.4 (ubuntu 18.04)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0286libssl1.1HIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286opensslHIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

No scan found

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.1.4 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2014-9356github.com/moby/mobyHIGHv0.7.3-0.20190826074503-38ab9da003091.3.3https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.11.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2019-14993istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.1.4 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2019-14993istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.1.4 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2022-37315github.com/graphql-go/graphqlHIGHv0.8.00.8.1https://avd.aquasec.com/nvd/cve-2022-37315
CVE-2014-9356github.com/moby/mobyHIGHv0.7.3-0.20190826074503-38ab9da003091.3.3https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.11.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2019-14993istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253k8s.io/kubernetesHIGHv1.13.01.13.12, 1.14.8, 1.15.5, 1.16.2https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558k8s.io/kubernetesHIGHv1.13.01.18.4, 1.17.7, 1.16.11https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741k8s.io/kubernetesHIGHv1.13.01.19.15, 1.20.11, 1.21.5, 1.22.2https://avd.aquasec.com/nvd/cve-2021-25741
CVE-2023-3676k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3676
CVE-2023-3955k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3955
CVE-2023-5528k8s.io/kubernetesHIGHv1.13.01.28.4, 1.27.8, 1.26.11, 1.25.16https://avd.aquasec.com/nvd/cve-2023-5528

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.1.4 (alpine 3.16.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-23914curlCRITICAL7.83.1-r47.83.1-r6https://avd.aquasec.com/nvd/cve-2023-23914
CVE-2023-38545curlCRITICAL7.83.1-r48.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2022-43551curlHIGH7.83.1-r47.83.1-r5https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-27533curlHIGH7.83.1-r48.0.1-r0https://avd.aquasec.com/nvd/cve-2023-27533
CVE-2023-27534curlHIGH7.83.1-r48.0.1-r0https://avd.aquasec.com/nvd/cve-2023-27534
CVE-2023-28319curlHIGH7.83.1-r48.1.0-r0https://avd.aquasec.com/nvd/cve-2023-28319
CVE-2023-38039curlHIGH7.83.1-r48.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-23914libcurlCRITICAL7.83.1-r47.83.1-r6https://avd.aquasec.com/nvd/cve-2023-23914
CVE-2023-38545libcurlCRITICAL7.83.1-r48.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2022-43551libcurlHIGH7.83.1-r47.83.1-r5https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-27533libcurlHIGH7.83.1-r48.0.1-r0https://avd.aquasec.com/nvd/cve-2023-27533
CVE-2023-27534libcurlHIGH7.83.1-r48.0.1-r0https://avd.aquasec.com/nvd/cve-2023-27534
CVE-2023-28319libcurlHIGH7.83.1-r48.1.0-r0https://avd.aquasec.com/nvd/cve-2023-28319
CVE-2023-38039libcurlHIGH7.83.1-r48.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-1999libwebpHIGH1.2.3-r01.2.3-r1https://avd.aquasec.com/nvd/cve-2023-1999
CVE-2023-4863libwebpHIGH1.2.3-r01.2.3-r2https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2023-29491ncurses-libsHIGH6.3_p20220521-r06.3_p20220521-r1https://avd.aquasec.com/nvd/cve-2023-29491
CVE-2023-29491ncurses-terminfo-baseHIGH6.3_p20220521-r06.3_p20220521-r1https://avd.aquasec.com/nvd/cve-2023-29491
CVE-2023-35945nghttp2-libsHIGH1.47.0-r01.47.0-r1https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487nghttp2-libsHIGH1.47.0-r01.47.0-r2https://avd.aquasec.com/nvd/cve-2023-44487
CVE-2022-41409pcre2HIGH10.40-r010.42-r0https://avd.aquasec.com/nvd/cve-2022-41409

gloo mesh enterprise gloo-otel-collector image

No scan found

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.1.3

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.1.3 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2022-37315github.com/graphql-go/graphqlHIGHv0.8.00.8.1https://avd.aquasec.com/nvd/cve-2022-37315
CVE-2014-9356github.com/moby/mobyHIGHv0.7.3-0.20190826074503-38ab9da003091.3.3https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.11.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2019-14993istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.1.3 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2019-14993istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.1.3 (ubuntu 18.04)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0286libssl1.1HIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286opensslHIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

No scan found

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.1.3 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2014-9356github.com/moby/mobyHIGHv0.7.3-0.20190826074503-38ab9da003091.3.3https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.11.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2019-14993istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.1.3 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2019-14993istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.1.3 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2022-37315github.com/graphql-go/graphqlHIGHv0.8.00.8.1https://avd.aquasec.com/nvd/cve-2022-37315
CVE-2014-9356github.com/moby/mobyHIGHv0.7.3-0.20190826074503-38ab9da003091.3.3https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.11.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2019-14993istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253k8s.io/kubernetesHIGHv1.13.01.13.12, 1.14.8, 1.15.5, 1.16.2https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558k8s.io/kubernetesHIGHv1.13.01.18.4, 1.17.7, 1.16.11https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741k8s.io/kubernetesHIGHv1.13.01.19.15, 1.20.11, 1.21.5, 1.22.2https://avd.aquasec.com/nvd/cve-2021-25741
CVE-2023-3676k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3676
CVE-2023-3955k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3955
CVE-2023-5528k8s.io/kubernetesHIGHv1.13.01.28.4, 1.27.8, 1.26.11, 1.25.16https://avd.aquasec.com/nvd/cve-2023-5528

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.1.3 (alpine 3.16.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-23914curlCRITICAL7.83.1-r47.83.1-r6https://avd.aquasec.com/nvd/cve-2023-23914
CVE-2023-38545curlCRITICAL7.83.1-r48.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2022-43551curlHIGH7.83.1-r47.83.1-r5https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-27533curlHIGH7.83.1-r48.0.1-r0https://avd.aquasec.com/nvd/cve-2023-27533
CVE-2023-27534curlHIGH7.83.1-r48.0.1-r0https://avd.aquasec.com/nvd/cve-2023-27534
CVE-2023-28319curlHIGH7.83.1-r48.1.0-r0https://avd.aquasec.com/nvd/cve-2023-28319
CVE-2023-38039curlHIGH7.83.1-r48.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-23914libcurlCRITICAL7.83.1-r47.83.1-r6https://avd.aquasec.com/nvd/cve-2023-23914
CVE-2023-38545libcurlCRITICAL7.83.1-r48.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2022-43551libcurlHIGH7.83.1-r47.83.1-r5https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-27533libcurlHIGH7.83.1-r48.0.1-r0https://avd.aquasec.com/nvd/cve-2023-27533
CVE-2023-27534libcurlHIGH7.83.1-r48.0.1-r0https://avd.aquasec.com/nvd/cve-2023-27534
CVE-2023-28319libcurlHIGH7.83.1-r48.1.0-r0https://avd.aquasec.com/nvd/cve-2023-28319
CVE-2023-38039libcurlHIGH7.83.1-r48.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-1999libwebpHIGH1.2.3-r01.2.3-r1https://avd.aquasec.com/nvd/cve-2023-1999
CVE-2023-4863libwebpHIGH1.2.3-r01.2.3-r2https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2023-29491ncurses-libsHIGH6.3_p20220521-r06.3_p20220521-r1https://avd.aquasec.com/nvd/cve-2023-29491
CVE-2023-29491ncurses-terminfo-baseHIGH6.3_p20220521-r06.3_p20220521-r1https://avd.aquasec.com/nvd/cve-2023-29491
CVE-2023-35945nghttp2-libsHIGH1.47.0-r01.47.0-r1https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487nghttp2-libsHIGH1.47.0-r01.47.0-r2https://avd.aquasec.com/nvd/cve-2023-44487
CVE-2022-41409pcre2HIGH10.40-r010.42-r0https://avd.aquasec.com/nvd/cve-2022-41409

gloo mesh enterprise gloo-otel-collector image

No scan found

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.1.2

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.1.2 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2022-37315github.com/graphql-go/graphqlHIGHv0.8.00.8.1https://avd.aquasec.com/nvd/cve-2022-37315
CVE-2014-9356github.com/moby/mobyHIGHv0.7.3-0.20190826074503-38ab9da003091.3.3https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.11.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2019-14993istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.1.2 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2019-14993istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.1.2 (ubuntu 18.04)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0286libssl1.1HIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286opensslHIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

No scan found

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.1.2 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2014-9356github.com/moby/mobyHIGHv0.7.3-0.20190826074503-38ab9da003091.3.3https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.11.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2019-14993istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.1.2 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2019-14993istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.1.2 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2022-37315github.com/graphql-go/graphqlHIGHv0.8.00.8.1https://avd.aquasec.com/nvd/cve-2022-37315
CVE-2014-9356github.com/moby/mobyHIGHv0.7.3-0.20190826074503-38ab9da003091.3.3https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.11.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2019-14993istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253k8s.io/kubernetesHIGHv1.13.01.13.12, 1.14.8, 1.15.5, 1.16.2https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558k8s.io/kubernetesHIGHv1.13.01.18.4, 1.17.7, 1.16.11https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741k8s.io/kubernetesHIGHv1.13.01.19.15, 1.20.11, 1.21.5, 1.22.2https://avd.aquasec.com/nvd/cve-2021-25741
CVE-2023-3676k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3676
CVE-2023-3955k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3955
CVE-2023-5528k8s.io/kubernetesHIGHv1.13.01.28.4, 1.27.8, 1.26.11, 1.25.16https://avd.aquasec.com/nvd/cve-2023-5528

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.1.2 (alpine 3.16.3)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-23914curlCRITICAL7.83.1-r47.83.1-r6https://avd.aquasec.com/nvd/cve-2023-23914
CVE-2023-38545curlCRITICAL7.83.1-r48.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2022-43551curlHIGH7.83.1-r47.83.1-r5https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-27533curlHIGH7.83.1-r48.0.1-r0https://avd.aquasec.com/nvd/cve-2023-27533
CVE-2023-27534curlHIGH7.83.1-r48.0.1-r0https://avd.aquasec.com/nvd/cve-2023-27534
CVE-2023-28319curlHIGH7.83.1-r48.1.0-r0https://avd.aquasec.com/nvd/cve-2023-28319
CVE-2023-38039curlHIGH7.83.1-r48.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-23914libcurlCRITICAL7.83.1-r47.83.1-r6https://avd.aquasec.com/nvd/cve-2023-23914
CVE-2023-38545libcurlCRITICAL7.83.1-r48.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2022-43551libcurlHIGH7.83.1-r47.83.1-r5https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-27533libcurlHIGH7.83.1-r48.0.1-r0https://avd.aquasec.com/nvd/cve-2023-27533
CVE-2023-27534libcurlHIGH7.83.1-r48.0.1-r0https://avd.aquasec.com/nvd/cve-2023-27534
CVE-2023-28319libcurlHIGH7.83.1-r48.1.0-r0https://avd.aquasec.com/nvd/cve-2023-28319
CVE-2023-38039libcurlHIGH7.83.1-r48.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-1999libwebpHIGH1.2.3-r01.2.3-r1https://avd.aquasec.com/nvd/cve-2023-1999
CVE-2023-4863libwebpHIGH1.2.3-r01.2.3-r2https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2023-29491ncurses-libsHIGH6.3_p20220521-r06.3_p20220521-r1https://avd.aquasec.com/nvd/cve-2023-29491
CVE-2023-29491ncurses-terminfo-baseHIGH6.3_p20220521-r06.3_p20220521-r1https://avd.aquasec.com/nvd/cve-2023-29491
CVE-2023-35945nghttp2-libsHIGH1.47.0-r01.47.0-r1https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487nghttp2-libsHIGH1.47.0-r01.47.0-r2https://avd.aquasec.com/nvd/cve-2023-44487
CVE-2022-41409pcre2HIGH10.40-r010.42-r0https://avd.aquasec.com/nvd/cve-2022-41409

gloo mesh enterprise gloo-otel-collector image

No scan found

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.1.1

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.1.1 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2022-37315github.com/graphql-go/graphqlHIGHv0.8.00.8.1https://avd.aquasec.com/nvd/cve-2022-37315
CVE-2014-9356github.com/moby/mobyHIGHv0.7.3-0.20190826074503-38ab9da003091.3.3https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.11.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2019-14993istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.1.1 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2019-14993istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.1.1 (ubuntu 18.04)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0286libssl1.1HIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286opensslHIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

No scan found

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.1.1 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2014-9356github.com/moby/mobyHIGHv0.7.3-0.20190826074503-38ab9da003091.3.3https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.11.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2019-14993istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.1.1 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2019-14993istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.1.1 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2022-37315github.com/graphql-go/graphqlHIGHv0.8.00.8.1https://avd.aquasec.com/nvd/cve-2022-37315
CVE-2014-9356github.com/moby/mobyHIGHv0.7.3-0.20190826074503-38ab9da003091.3.3https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.11.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2019-14993istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253k8s.io/kubernetesHIGHv1.13.01.13.12, 1.14.8, 1.15.5, 1.16.2https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558k8s.io/kubernetesHIGHv1.13.01.18.4, 1.17.7, 1.16.11https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741k8s.io/kubernetesHIGHv1.13.01.19.15, 1.20.11, 1.21.5, 1.22.2https://avd.aquasec.com/nvd/cve-2021-25741
CVE-2023-3676k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3676
CVE-2023-3955k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3955
CVE-2023-5528k8s.io/kubernetesHIGHv1.13.01.28.4, 1.27.8, 1.26.11, 1.25.16https://avd.aquasec.com/nvd/cve-2023-5528

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.1.1 (alpine 3.16.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-32221curlCRITICAL7.83.1-r27.83.1-r4https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2023-23914curlCRITICAL7.83.1-r27.83.1-r6https://avd.aquasec.com/nvd/cve-2023-23914
CVE-2023-38545curlCRITICAL7.83.1-r28.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2022-42915curlHIGH7.83.1-r27.83.1-r4https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916curlHIGH7.83.1-r27.83.1-r4https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551curlHIGH7.83.1-r27.83.1-r5https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-27533curlHIGH7.83.1-r28.0.1-r0https://avd.aquasec.com/nvd/cve-2023-27533
CVE-2023-27534curlHIGH7.83.1-r28.0.1-r0https://avd.aquasec.com/nvd/cve-2023-27534
CVE-2023-28319curlHIGH7.83.1-r28.1.0-r0https://avd.aquasec.com/nvd/cve-2023-28319
CVE-2023-38039curlHIGH7.83.1-r28.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2022-4450libcrypto1.1HIGH1.1.1q-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1q-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1q-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1q-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-32221libcurlCRITICAL7.83.1-r27.83.1-r4https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2023-23914libcurlCRITICAL7.83.1-r27.83.1-r6https://avd.aquasec.com/nvd/cve-2023-23914
CVE-2023-38545libcurlCRITICAL7.83.1-r28.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2022-42915libcurlHIGH7.83.1-r27.83.1-r4https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916libcurlHIGH7.83.1-r27.83.1-r4https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551libcurlHIGH7.83.1-r27.83.1-r5https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-27533libcurlHIGH7.83.1-r28.0.1-r0https://avd.aquasec.com/nvd/cve-2023-27533
CVE-2023-27534libcurlHIGH7.83.1-r28.0.1-r0https://avd.aquasec.com/nvd/cve-2023-27534
CVE-2023-28319libcurlHIGH7.83.1-r28.1.0-r0https://avd.aquasec.com/nvd/cve-2023-28319
CVE-2023-38039libcurlHIGH7.83.1-r28.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2022-4450libssl1.1HIGH1.1.1q-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1q-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1q-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1q-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-1999libwebpHIGH1.2.3-r01.2.3-r1https://avd.aquasec.com/nvd/cve-2023-1999
CVE-2023-4863libwebpHIGH1.2.3-r01.2.3-r2https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2022-2309libxml2HIGH2.9.14-r02.9.14-r1https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303libxml2HIGH2.9.14-r02.9.14-r2https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304libxml2HIGH2.9.14-r02.9.14-r2https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2023-29491ncurses-libsHIGH6.3_p20220521-r06.3_p20220521-r1https://avd.aquasec.com/nvd/cve-2023-29491
CVE-2023-29491ncurses-terminfo-baseHIGH6.3_p20220521-r06.3_p20220521-r1https://avd.aquasec.com/nvd/cve-2023-29491
CVE-2023-35945nghttp2-libsHIGH1.47.0-r01.47.0-r1https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487nghttp2-libsHIGH1.47.0-r01.47.0-r2https://avd.aquasec.com/nvd/cve-2023-44487
CVE-2022-41409pcre2HIGH10.40-r010.42-r0https://avd.aquasec.com/nvd/cve-2022-41409
CVE-2022-37434zlibCRITICAL1.2.12-r11.2.12-r2https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-otel-collector image

No scan found

gloo mesh enterprise gloo-mesh-insights image

No scan found

Release 2.1.0

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.1.0 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2022-37315github.com/graphql-go/graphqlHIGHv0.8.00.8.1https://avd.aquasec.com/nvd/cve-2022-37315
CVE-2014-9356github.com/moby/mobyHIGHv0.7.3-0.20190826074503-38ab9da003091.3.3https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.11.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2019-14993istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.1.0 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2019-14993istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.1.0 (ubuntu 18.04)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-0286libssl1.1HIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286opensslHIGH1.1.1-1ubuntu2.1~18.04.201.1.1-1ubuntu2.1~18.04.21https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-spire-controller image

No scan found

gloo mesh enterprise gloo-mesh-portal-server image

No scan found

gloo mesh enterprise gloo-mesh-analyzer image

No scan found

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.1.0 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2014-9356github.com/moby/mobyHIGHv0.7.3-0.20190826074503-38ab9da003091.3.3https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.11.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2019-14993istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.1.0 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2019-14993istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.1.0 (alpine 3.16.2)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-4450libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-4450libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1s-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1s-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2023-29002github.com/cilium/ciliumHIGHv1.11.51.11.16, 1.12.9, 1.13.2https://avd.aquasec.com/nvd/cve-2023-29002
CVE-2021-21272github.com/deislabs/orasHIGHv0.8.10.9.0https://avd.aquasec.com/nvd/cve-2021-21272
CVE-2020-26160github.com/dgrijalva/jwt-goHIGHv3.2.0+incompatiblehttps://avd.aquasec.com/nvd/cve-2020-26160
CVE-2017-11468github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.7.0-rc.0https://avd.aquasec.com/nvd/cve-2017-11468
CVE-2023-2253github.com/docker/distributionHIGHv0.0.0-20191216044856-a8371794149d2.8.2-beta.1https://avd.aquasec.com/nvd/cve-2023-2253
CVE-2022-37315github.com/graphql-go/graphqlHIGHv0.8.00.8.1https://avd.aquasec.com/nvd/cve-2022-37315
CVE-2014-9356github.com/moby/mobyHIGHv0.7.3-0.20190826074503-38ab9da003091.3.3https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2023-27561github.com/opencontainers/runcHIGHv1.1.11.1.5https://avd.aquasec.com/nvd/cve-2023-27561
CVE-2022-27664golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.0.0-20220906165146-f3363e06e74chttps://avd.aquasec.com/nvd/cve-2022-27664
CVE-2022-41721golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.1.1-0.20221104162952-702349b0e862https://avd.aquasec.com/nvd/cve-2022-41721
CVE-2022-41723golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.7.0https://avd.aquasec.com/nvd/cve-2022-41723
CVE-2023-39325golang.org/x/netHIGHv0.0.0-20220722155237-a158d28d115b0.17.0https://avd.aquasec.com/nvd/cve-2023-39325
CVE-2022-32149golang.org/x/textHIGHv0.3.70.3.8https://avd.aquasec.com/nvd/cve-2022-32149
GHSA-m425-mq94-257ggoogle.golang.org/grpcHIGHv1.49.01.56.3, 1.57.1, 1.58.3https://github.com/advisories/GHSA-m425-mq94-257g
CVE-2019-14993istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20220516185659-202e888638581.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253k8s.io/kubernetesHIGHv1.13.01.13.12, 1.14.8, 1.15.5, 1.16.2https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558k8s.io/kubernetesHIGHv1.13.01.18.4, 1.17.7, 1.16.11https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741k8s.io/kubernetesHIGHv1.13.01.19.15, 1.20.11, 1.21.5, 1.22.2https://avd.aquasec.com/nvd/cve-2021-25741
CVE-2023-3676k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3676
CVE-2023-3955k8s.io/kubernetesHIGHv1.13.01.28.1, 1.27.5, 1.26.8, 1.25.13, 1.24.17https://avd.aquasec.com/nvd/cve-2023-3955
CVE-2023-5528k8s.io/kubernetesHIGHv1.13.01.28.4, 1.27.8, 1.26.11, 1.25.16https://avd.aquasec.com/nvd/cve-2023-5528

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.1.0 (alpine 3.16.1)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2022-32221curlCRITICAL7.83.1-r27.83.1-r4https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2023-23914curlCRITICAL7.83.1-r27.83.1-r6https://avd.aquasec.com/nvd/cve-2023-23914
CVE-2023-38545curlCRITICAL7.83.1-r28.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2022-42915curlHIGH7.83.1-r27.83.1-r4https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916curlHIGH7.83.1-r27.83.1-r4https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551curlHIGH7.83.1-r27.83.1-r5https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-27533curlHIGH7.83.1-r28.0.1-r0https://avd.aquasec.com/nvd/cve-2023-27533
CVE-2023-27534curlHIGH7.83.1-r28.0.1-r0https://avd.aquasec.com/nvd/cve-2023-27534
CVE-2023-28319curlHIGH7.83.1-r28.1.0-r0https://avd.aquasec.com/nvd/cve-2023-28319
CVE-2023-38039curlHIGH7.83.1-r28.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2022-4450libcrypto1.1HIGH1.1.1q-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libcrypto1.1HIGH1.1.1q-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libcrypto1.1HIGH1.1.1q-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libcrypto1.1HIGH1.1.1q-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2022-32221libcurlCRITICAL7.83.1-r27.83.1-r4https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2023-23914libcurlCRITICAL7.83.1-r27.83.1-r6https://avd.aquasec.com/nvd/cve-2023-23914
CVE-2023-38545libcurlCRITICAL7.83.1-r28.4.0-r0https://avd.aquasec.com/nvd/cve-2023-38545
CVE-2022-42915libcurlHIGH7.83.1-r27.83.1-r4https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916libcurlHIGH7.83.1-r27.83.1-r4https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551libcurlHIGH7.83.1-r27.83.1-r5https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-27533libcurlHIGH7.83.1-r28.0.1-r0https://avd.aquasec.com/nvd/cve-2023-27533
CVE-2023-27534libcurlHIGH7.83.1-r28.0.1-r0https://avd.aquasec.com/nvd/cve-2023-27534
CVE-2023-28319libcurlHIGH7.83.1-r28.1.0-r0https://avd.aquasec.com/nvd/cve-2023-28319
CVE-2023-38039libcurlHIGH7.83.1-r28.3.0-r0https://avd.aquasec.com/nvd/cve-2023-38039
CVE-2022-4450libssl1.1HIGH1.1.1q-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2022-4450
CVE-2023-0215libssl1.1HIGH1.1.1q-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0215
CVE-2023-0286libssl1.1HIGH1.1.1q-r01.1.1t-r0https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0464libssl1.1HIGH1.1.1q-r01.1.1t-r1https://avd.aquasec.com/nvd/cve-2023-0464
CVE-2023-1999libwebpHIGH1.2.3-r01.2.3-r1https://avd.aquasec.com/nvd/cve-2023-1999
CVE-2023-4863libwebpHIGH1.2.3-r01.2.3-r2https://avd.aquasec.com/nvd/cve-2023-4863
CVE-2022-2309libxml2HIGH2.9.14-r02.9.14-r1https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303libxml2HIGH2.9.14-r02.9.14-r2https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304libxml2HIGH2.9.14-r02.9.14-r2https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2023-29491ncurses-libsHIGH6.3_p20220521-r06.3_p20220521-r1https://avd.aquasec.com/nvd/cve-2023-29491
CVE-2023-29491ncurses-terminfo-baseHIGH6.3_p20220521-r06.3_p20220521-r1https://avd.aquasec.com/nvd/cve-2023-29491
CVE-2023-35945nghttp2-libsHIGH1.47.0-r01.47.0-r1https://avd.aquasec.com/nvd/cve-2023-35945
CVE-2023-44487nghttp2-libsHIGH1.47.0-r01.47.0-r2https://avd.aquasec.com/nvd/cve-2023-44487
CVE-2022-41409pcre2HIGH10.40-r010.42-r0https://avd.aquasec.com/nvd/cve-2022-41409
CVE-2022-37434zlibCRITICAL1.2.12-r11.2.12-r2https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-otel-collector image

No scan found

gloo mesh enterprise gloo-mesh-insights image

No scan found