Navigation :

Security and CVE report

Gloo Platform container images are scanned using Trivy for HIGH and CRITICAL vulnerabilities.

How does Solo fix CVEs?

For OS vulnerabilities that are part of the Istio image, Solo waits for the CVE patch to be provided by the Istio community before releasing a new Solo image. According to the Istio CVE policy, critical CVEs that are found in Istio or that are exploitable through Istio are fixed by the Istio community as soon as possible, and released outside the regular release cycle. Fixes for non-critical CVEs are usually provided as part of the regular Istio release cycle.

For vulnerabilities that are found in a component that Solo controls, such as the image for the Gloo management server, Solo is responsible to provide a security patch. The patch is released as soon as it is available, independently from any Istio release.

Security and CVE scan

Latest 2.3.x gloo mesh enterprise Release: 2.3.4

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.4 (alpine 3.17.1)

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.4 (alpine 3.17.1)

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.4 (alpine 3.17.1)

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.4 (alpine 3.17.2)

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.4 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.20	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.20	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.4 (alpine 3.17.1)

Release 2.3.3

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.3 (alpine 3.17.1)

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.3 (alpine 3.17.1)

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.3 (alpine 3.17.1)

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.3 (alpine 3.17.2)

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.3 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.20	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.20	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.3 (alpine 3.17.1)

Release 2.3.2

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.2 (alpine 3.17.1)

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.2 (alpine 3.17.1)

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.2 (alpine 3.17.1)

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.2 (alpine 3.17.2)

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.2 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.20	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.20	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.2 (alpine 3.17.1)

Release 2.3.1

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.1 (alpine 3.17.1)

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.1 (alpine 3.17.1)

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.1 (alpine 3.17.1)

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.1 (alpine 3.17.2)

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.1 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.20	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.20	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.1 (alpine 3.17.1)

Release 2.3.0

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.0 (alpine 3.17.1)

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.0 (alpine 3.17.1)

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.0 (alpine 3.17.1)

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.0 (alpine 3.17.2)

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.0 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.20	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.20	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.0 (alpine 3.17.1)

Latest 2.2.x gloo mesh enterprise Release: 2.2.8

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.2.8 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.2.8 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.2.8 (alpine 3.16.2)

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.2.8 (alpine 3.17.2)

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.2.8 (ubuntu 20.04)

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.2.8 (alpine 3.16.2)

Release 2.2.7

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.2.7 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.2.7 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.2.7 (alpine 3.16.2)

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.2.7 (alpine 3.17.2)

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.2.7 (ubuntu 20.04)

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.2.7 (alpine 3.16.2)

Release 2.2.6

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.2.6 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.2.6 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.2.6 (alpine 3.16.2)

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.2.6 (alpine 3.17.2)

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.2.6 (ubuntu 20.04)

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.2.6 (alpine 3.16.2)

Release 2.2.5

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.2.5 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.2.5 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.2.5 (alpine 3.16.2)

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.2.5 (alpine 3.17.2)

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.2.5 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.20	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.20	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.2.5 (alpine 3.16.2)

Release 2.2.4

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.2.4 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.2.4 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.2.4 (alpine 3.16.2)

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.2.4 (alpine 3.17.1)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto3	HIGH	3.0.7-r2	3.0.8-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl3	HIGH	3.0.7-r2	3.0.8-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.2.4 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.20	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.20	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.2.4 (alpine 3.16.2)

Release 2.2.3

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.2.3 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.2.3 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.2.3 (alpine 3.16.2)

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.2.3 (alpine 3.17.1)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto3	HIGH	3.0.7-r2	3.0.8-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl3	HIGH	3.0.7-r2	3.0.8-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.2.3 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.20	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.20	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.2.3 (alpine 3.16.2)

Release 2.2.2

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.2.2 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.2.2 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.2.2 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.2.2 (alpine 3.17.1)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto3	HIGH	3.0.7-r2	3.0.8-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl3	HIGH	3.0.7-r2	3.0.8-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.2.2 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.20	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.20	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.2.2 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

Release 2.2.1

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.2.1 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.2.1 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.2.1 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.2.1 (alpine 3.17.1)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto3	HIGH	3.0.7-r2	3.0.8-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl3	HIGH	3.0.7-r2	3.0.8-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.2.1 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.20	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.20	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.2.1 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

Release 2.2.0

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.2.0 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.2.0 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.2.0 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.2.0 (alpine 3.16.3)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-43551	curl	HIGH	7.83.1-r4	7.83.1-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-43551	libcurl	HIGH	7.83.1-r4	7.83.1-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.2.0 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.20	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.20	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.2.0 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

Latest 2.1.x gloo mesh enterprise Release: 2.1.5

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.1.5 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.1.5 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.1.5 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.1.5 (alpine 3.17.1)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto3	HIGH	3.0.7-r2	3.0.8-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl3	HIGH	3.0.7-r2	3.0.8-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.1.5 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.20	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.20	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.1.5 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

Release 2.1.4

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.1.4 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.1.4 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.1.4 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.1.4 (alpine 3.16.3)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-43551	curl	HIGH	7.83.1-r4	7.83.1-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-43551	libcurl	HIGH	7.83.1-r4	7.83.1-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.1.4 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.20	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.20	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.1.4 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

Release 2.1.3

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.1.3 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.1.3 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.1.3 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.1.3 (alpine 3.16.3)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-43551	curl	HIGH	7.83.1-r4	7.83.1-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-43551	libcurl	HIGH	7.83.1-r4	7.83.1-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.1.3 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.20	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.20	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.1.3 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

Release 2.1.2

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.1.2 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.1.2 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.1.2 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.1.2 (alpine 3.16.3)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-43551	curl	HIGH	7.83.1-r4	7.83.1-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-43551	libcurl	HIGH	7.83.1-r4	7.83.1-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.1.2 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.20	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.20	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.1.2 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

Release 2.1.1

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.1.1 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.1.1 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.1.1 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.1.1 (alpine 3.16.1)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32221	curl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	curl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916	curl	HIGH	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	curl	HIGH	7.83.1-r2	7.83.1-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-32221	libcurl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	libcurl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916	libcurl	HIGH	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	libcurl	HIGH	7.83.1-r2	7.83.1-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-2309	libxml2	HIGH	2.9.14-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.1.1 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.20	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.20	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.1.1 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

Release 2.1.0

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.1.0 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.1.0 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.1.0 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.1.0 (alpine 3.16.1)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32221	curl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	curl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916	curl	HIGH	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	curl	HIGH	7.83.1-r2	7.83.1-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-32221	libcurl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	libcurl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916	libcurl	HIGH	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	libcurl	HIGH	7.83.1-r2	7.83.1-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-2309	libxml2	HIGH	2.9.14-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.1.0 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.20	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.20	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.1.0 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1s-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

Latest 2.0.x gloo mesh enterprise Release: 2.0.24

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.0.24 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.0.24 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.0.24 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.0.24 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32221	curl	CRITICAL	7.83.1-r3	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	curl	CRITICAL	7.83.1-r3	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916	curl	HIGH	7.83.1-r3	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	curl	HIGH	7.83.1-r3	7.83.1-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-32221	libcurl	CRITICAL	7.83.1-r3	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	libcurl	CRITICAL	7.83.1-r3	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916	libcurl	HIGH	7.83.1-r3	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	libcurl	HIGH	7.83.1-r3	7.83.1-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-40303	libxml2	HIGH	2.9.14-r1	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.14-r1	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.0.24 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.20	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.20	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.0.24 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

Release 2.0.23

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.0.23 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.0.23 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.0.23 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.0.23 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32221	curl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	curl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916	curl	HIGH	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	curl	HIGH	7.83.1-r2	7.83.1-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-32221	libcurl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	libcurl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916	libcurl	HIGH	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	libcurl	HIGH	7.83.1-r2	7.83.1-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-2309	libxml2	HIGH	2.9.14-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.0.23 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.0.23 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

Release 2.0.22

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.0.22 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.0.22 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.0.22 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.0.22 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32221	curl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	curl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916	curl	HIGH	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	curl	HIGH	7.83.1-r2	7.83.1-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-32221	libcurl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	libcurl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916	libcurl	HIGH	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	libcurl	HIGH	7.83.1-r2	7.83.1-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-2309	libxml2	HIGH	2.9.14-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.0.22 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.0.22 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

Release 2.0.21

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.0.21 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.0.21 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.0.21 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.0.21 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32221	curl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	curl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916	curl	HIGH	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	curl	HIGH	7.83.1-r2	7.83.1-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-32221	libcurl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	libcurl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916	libcurl	HIGH	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	libcurl	HIGH	7.83.1-r2	7.83.1-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-2309	libxml2	HIGH	2.9.14-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.0.21 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.0.21 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

Release 2.0.20

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.0.20 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.0.20 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.0.20 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.0.20 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32221	curl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	curl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916	curl	HIGH	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	curl	HIGH	7.83.1-r2	7.83.1-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-32221	libcurl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	libcurl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916	libcurl	HIGH	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	libcurl	HIGH	7.83.1-r2	7.83.1-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-2309	libxml2	HIGH	2.9.14-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.0.20 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.0.20 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

Release 2.0.19

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.0.19 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.0.19 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.0.19 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.0.19 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32221	curl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	curl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916	curl	HIGH	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	curl	HIGH	7.83.1-r2	7.83.1-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-32221	libcurl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	libcurl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916	libcurl	HIGH	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	libcurl	HIGH	7.83.1-r2	7.83.1-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-2309	libxml2	HIGH	2.9.14-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.0.19 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.0.19 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

Release 2.0.18

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.0.18 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.0.18 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.0.18 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.0.18 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32221	curl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	curl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916	curl	HIGH	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	curl	HIGH	7.83.1-r2	7.83.1-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-32221	libcurl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	libcurl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916	libcurl	HIGH	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	libcurl	HIGH	7.83.1-r2	7.83.1-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-2309	libxml2	HIGH	2.9.14-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.0.18 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.0.18 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

Release 2.0.17

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.0.17 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.0.17 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.0.17 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.0.17 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32221	curl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	curl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916	curl	HIGH	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	curl	HIGH	7.83.1-r2	7.83.1-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-32221	libcurl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	libcurl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916	libcurl	HIGH	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	libcurl	HIGH	7.83.1-r2	7.83.1-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-2309	libxml2	HIGH	2.9.14-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.0.17 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.0.17 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

Release 2.0.16

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.0.16 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.0.16 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.0.16 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.0.16 (alpine 3.16.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32221	curl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	curl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916	curl	HIGH	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	curl	HIGH	7.83.1-r2	7.83.1-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-32221	libcurl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	libcurl	CRITICAL	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916	libcurl	HIGH	7.83.1-r2	7.83.1-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	libcurl	HIGH	7.83.1-r2	7.83.1-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-2309	libxml2	HIGH	2.9.14-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.0.16 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.0.16 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

Release 2.0.15

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

No scan found

gloo mesh enterprise gloo-mesh-envoy image

No scan found

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

Release 2.0.14

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.0.14 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.0.14 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.0.14 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.0.14 (alpine 3.15.4)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32207	curl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221	curl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	curl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916	curl	HIGH	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	curl	HIGH	7.80.0-r1	7.80.0-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-27405	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-32207	libcurl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221	libcurl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	libcurl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916	libcurl	HIGH	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	libcurl	HIGH	7.80.0-r1	7.80.0-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libssl1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-2309	libxml2	HIGH	2.9.14-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-29458	ncurses-libs	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.0.14 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.0.14 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286

Release 2.0.13

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.0.13 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.0.13 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.0.13 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.0.13 (alpine 3.15.4)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32207	curl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221	curl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	curl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916	curl	HIGH	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	curl	HIGH	7.80.0-r1	7.80.0-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-27405	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-32207	libcurl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221	libcurl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	libcurl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916	libcurl	HIGH	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	libcurl	HIGH	7.80.0-r1	7.80.0-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libssl1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-2309	libxml2	HIGH	2.9.14-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-29458	ncurses-libs	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.0.13 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.0.13 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Release 2.0.12

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.0.12 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.0.12 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.0.12 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.0.12 (alpine 3.15.4)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32207	curl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221	curl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	curl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916	curl	HIGH	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	curl	HIGH	7.80.0-r1	7.80.0-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-27405	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-32207	libcurl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221	libcurl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	libcurl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916	libcurl	HIGH	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	libcurl	HIGH	7.80.0-r1	7.80.0-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libssl1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-2309	libxml2	HIGH	2.9.14-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-29458	ncurses-libs	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.0.12 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.0.12 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Release 2.0.11

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.0.11 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.0.11 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.0.11 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.0.11 (alpine 3.15.4)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32207	curl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221	curl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	curl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916	curl	HIGH	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	curl	HIGH	7.80.0-r1	7.80.0-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-27405	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-32207	libcurl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221	libcurl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	libcurl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916	libcurl	HIGH	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	libcurl	HIGH	7.80.0-r1	7.80.0-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libssl1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-2309	libxml2	HIGH	2.9.14-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-29458	ncurses-libs	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.0.11 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.0.11 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Release 2.0.10

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.0.10 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.0.10 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.0.10 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.0.10 (alpine 3.15.4)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32207	curl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221	curl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	curl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916	curl	HIGH	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	curl	HIGH	7.80.0-r1	7.80.0-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-27405	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-32207	libcurl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221	libcurl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	libcurl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916	libcurl	HIGH	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	libcurl	HIGH	7.80.0-r1	7.80.0-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libssl1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-2309	libxml2	HIGH	2.9.14-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-29458	ncurses-libs	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.0.10 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.0.10 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Release 2.0.9

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.0.9 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1p-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1p-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.0.9 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1p-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1p-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.0.9 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1p-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1p-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.0.9 (alpine 3.15.4)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32207	curl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221	curl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	curl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916	curl	HIGH	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	curl	HIGH	7.80.0-r1	7.80.0-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-27405	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-32207	libcurl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221	libcurl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	libcurl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916	libcurl	HIGH	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	libcurl	HIGH	7.80.0-r1	7.80.0-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libssl1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-2309	libxml2	HIGH	2.9.14-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-29458	ncurses-libs	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.0.9 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.0.9 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1p-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1p-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Release 2.0.8

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.0.8 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.0.8 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.0.8 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.0.8 (alpine 3.15.4)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32207	curl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221	curl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	curl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916	curl	HIGH	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	curl	HIGH	7.80.0-r1	7.80.0-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-27405	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-32207	libcurl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221	libcurl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	libcurl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916	libcurl	HIGH	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	libcurl	HIGH	7.80.0-r1	7.80.0-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libssl1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-2309	libxml2	HIGH	2.9.14-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-29458	ncurses-libs	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.0.8 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.0.8 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Release 2.0.7

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.0.7 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.0.7 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.0.7 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.0.7 (alpine 3.15.4)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32207	curl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221	curl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	curl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916	curl	HIGH	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	curl	HIGH	7.80.0-r1	7.80.0-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-27405	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-32207	libcurl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221	libcurl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	libcurl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916	libcurl	HIGH	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	libcurl	HIGH	7.80.0-r1	7.80.0-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libssl1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-2309	libxml2	HIGH	2.9.14-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-29458	ncurses-libs	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.0.7 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.0.7 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Release 2.0.6

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.0.6 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.0.6 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.0.6 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.0.6 (alpine 3.15.4)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32207	curl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221	curl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	curl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916	curl	HIGH	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	curl	HIGH	7.80.0-r1	7.80.0-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-27405	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-32207	libcurl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221	libcurl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	libcurl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916	libcurl	HIGH	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	libcurl	HIGH	7.80.0-r1	7.80.0-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libssl1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-2309	libxml2	HIGH	2.9.14-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-29458	ncurses-libs	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.0.6 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.0.6 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Release 2.0.5

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.0.5 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.0.5 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.0.5 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.0.5 (alpine 3.15.4)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32207	curl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221	curl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	curl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916	curl	HIGH	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	curl	HIGH	7.80.0-r1	7.80.0-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-27405	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-32207	libcurl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221	libcurl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	libcurl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916	libcurl	HIGH	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	libcurl	HIGH	7.80.0-r1	7.80.0-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libssl1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-2309	libxml2	HIGH	2.9.14-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-29458	ncurses-libs	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.0.5 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.0.5 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Release 2.0.4

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.0.4 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.0.4 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.0.4 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.0.4 (alpine 3.15.4)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32207	curl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221	curl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	curl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916	curl	HIGH	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	curl	HIGH	7.80.0-r1	7.80.0-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-27405	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-32207	libcurl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221	libcurl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	libcurl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916	libcurl	HIGH	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	libcurl	HIGH	7.80.0-r1	7.80.0-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libssl1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-2309	libxml2	HIGH	2.9.14-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-29458	ncurses-libs	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.0.4 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.0.4 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Release 2.0.3

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.0.3 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.0.3 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.0.3 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.0.3 (alpine 3.15.4)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32207	curl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221	curl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	curl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916	curl	HIGH	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	curl	HIGH	7.80.0-r1	7.80.0-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-27405	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-32207	libcurl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221	libcurl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	libcurl	CRITICAL	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916	libcurl	HIGH	7.80.0-r1	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	libcurl	HIGH	7.80.0-r1	7.80.0-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libssl1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-2309	libxml2	HIGH	2.9.14-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.14-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-29458	ncurses-libs	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.0.3 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.0.3 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Release 2.0.2

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.0.2 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.0.2 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.0.2 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.0.2 (alpine 3.15.4)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32207	curl	CRITICAL	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221	curl	CRITICAL	7.80.0-r0	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	curl	CRITICAL	7.80.0-r0	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-22576	curl	HIGH	7.80.0-r0	7.80.0-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.80.0-r0	7.80.0-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27780	curl	HIGH	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	curl	HIGH	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916	curl	HIGH	7.80.0-r0	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	curl	HIGH	7.80.0-r0	7.80.0-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-27404	freetype	CRITICAL	2.11.1-r0	2.11.1-r1	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.11.1-r0	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.11.1-r0	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-32207	libcurl	CRITICAL	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221	libcurl	CRITICAL	7.80.0-r0	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	libcurl	CRITICAL	7.80.0-r0	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-22576	libcurl	HIGH	7.80.0-r0	7.80.0-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.80.0-r0	7.80.0-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27780	libcurl	HIGH	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	libcurl	HIGH	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916	libcurl	HIGH	7.80.0-r0	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	libcurl	HIGH	7.80.0-r0	7.80.0-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libssl1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-2309	libxml2	HIGH	2.9.13-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303	libxml2	HIGH	2.9.13-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.13-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-29458	ncurses-libs	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.0.2 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.0.2 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Release 2.0.1

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.0.1 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.0.1 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.0.1 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.0.1 (alpine 3.15.4)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32207	curl	CRITICAL	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221	curl	CRITICAL	7.80.0-r0	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	curl	CRITICAL	7.80.0-r0	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-22576	curl	HIGH	7.80.0-r0	7.80.0-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.80.0-r0	7.80.0-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27780	curl	HIGH	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	curl	HIGH	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916	curl	HIGH	7.80.0-r0	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	curl	HIGH	7.80.0-r0	7.80.0-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-27404	freetype	CRITICAL	2.11.1-r0	2.11.1-r1	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.11.1-r0	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.11.1-r0	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-32207	libcurl	CRITICAL	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221	libcurl	CRITICAL	7.80.0-r0	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	libcurl	CRITICAL	7.80.0-r0	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-22576	libcurl	HIGH	7.80.0-r0	7.80.0-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.80.0-r0	7.80.0-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27780	libcurl	HIGH	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	libcurl	HIGH	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916	libcurl	HIGH	7.80.0-r0	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	libcurl	HIGH	7.80.0-r0	7.80.0-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libssl1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-2309	libxml2	HIGH	2.9.13-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303	libxml2	HIGH	2.9.13-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.13-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-29458	ncurses-libs	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.0.1 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.0.1 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Release 2.0.0

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.0.0 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.0.0 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.0.0 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.0.0 (alpine 3.15.4)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32207	curl	CRITICAL	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221	curl	CRITICAL	7.80.0-r0	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	curl	CRITICAL	7.80.0-r0	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-22576	curl	HIGH	7.80.0-r0	7.80.0-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.80.0-r0	7.80.0-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27780	curl	HIGH	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	curl	HIGH	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916	curl	HIGH	7.80.0-r0	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	curl	HIGH	7.80.0-r0	7.80.0-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-27404	freetype	CRITICAL	2.11.1-r0	2.11.1-r1	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.11.1-r0	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.11.1-r0	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-32207	libcurl	CRITICAL	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221	libcurl	CRITICAL	7.80.0-r0	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915	libcurl	CRITICAL	7.80.0-r0	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-22576	libcurl	HIGH	7.80.0-r0	7.80.0-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.80.0-r0	7.80.0-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27780	libcurl	HIGH	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	libcurl	HIGH	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916	libcurl	HIGH	7.80.0-r0	7.80.0-r4	https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551	libcurl	HIGH	7.80.0-r0	7.80.0-r5	https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2023-0286	libssl1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-2309	libxml2	HIGH	2.9.13-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303	libxml2	HIGH	2.9.13-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.13-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-29458	ncurses-libs	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.0.0 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.0.0 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Latest 1.2.x gloo mesh enterprise Release: 1.2.30

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-networking:1.2.30 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:1.2.30 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-agent:1.2.30 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:1.2.30 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309	libxml2	HIGH	2.9.12-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:1.2.30 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for gcr.io/gloo-mesh/rbac-webhook:1.2.30 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

Release 1.2.29

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-networking:1.2.29 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:1.2.29 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-agent:1.2.29 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:1.2.29 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309	libxml2	HIGH	2.9.12-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:1.2.29 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for gcr.io/gloo-mesh/rbac-webhook:1.2.29 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1q-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

Release 1.2.28

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-networking:1.2.28 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:1.2.28 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-agent:1.2.28 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:1.2.28 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309	libxml2	HIGH	2.9.12-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:1.2.28 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for gcr.io/gloo-mesh/rbac-webhook:1.2.28 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

Release 1.2.27

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-networking:1.2.27 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:1.2.27 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-agent:1.2.27 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:1.2.27 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309	libxml2	HIGH	2.9.12-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:1.2.27 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for gcr.io/gloo-mesh/rbac-webhook:1.2.27 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1o-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

Release 1.2.26

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-networking:1.2.26 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:1.2.26 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-agent:1.2.26 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:1.2.26 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309	libxml2	HIGH	2.9.12-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:1.2.26 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for gcr.io/gloo-mesh/rbac-webhook:1.2.26 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

Release 1.2.25

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-networking:1.2.25 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:1.2.25 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-agent:1.2.25 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:1.2.25 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309	libxml2	HIGH	2.9.12-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:1.2.25 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for gcr.io/gloo-mesh/rbac-webhook:1.2.25 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

Release 1.2.24

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-networking:1.2.24 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:1.2.24 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-agent:1.2.24 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:1.2.24 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309	libxml2	HIGH	2.9.12-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:1.2.24 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for gcr.io/gloo-mesh/rbac-webhook:1.2.24 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2023-0286	libssl1.1	HIGH	1.1.1n-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

Release 1.2.23

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-networking:1.2.23 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:1.2.23 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-agent:1.2.23 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:1.2.23 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309	libxml2	HIGH	2.9.12-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:1.2.23 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for gcr.io/gloo-mesh/rbac-webhook:1.2.23 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

Release 1.2.22

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-networking:1.2.22 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:1.2.22 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-agent:1.2.22 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:1.2.22 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309	libxml2	HIGH	2.9.12-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:1.2.22 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for gcr.io/gloo-mesh/rbac-webhook:1.2.22 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

Release 1.2.21

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

No scan found

gloo mesh enterprise gloo-mesh-envoy image

No scan found

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

Release 1.2.20

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-networking:1.2.20 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:1.2.20 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-agent:1.2.20 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:1.2.20 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309	libxml2	HIGH	2.9.12-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:1.2.20 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for gcr.io/gloo-mesh/rbac-webhook:1.2.20 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

Release 1.2.19

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-networking:1.2.19 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:1.2.19 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-agent:1.2.19 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:1.2.19 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309	libxml2	HIGH	2.9.12-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:1.2.19 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for gcr.io/gloo-mesh/rbac-webhook:1.2.19 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

Release 1.2.18

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-networking:1.2.18 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:1.2.18 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-agent:1.2.18 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:1.2.18 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309	libxml2	HIGH	2.9.12-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:1.2.18 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for gcr.io/gloo-mesh/rbac-webhook:1.2.18 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

Release 1.2.17

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-networking:1.2.17 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:1.2.17 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-agent:1.2.17 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:1.2.17 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309	libxml2	HIGH	2.9.12-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:1.2.17 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for gcr.io/gloo-mesh/rbac-webhook:1.2.17 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

Release 1.2.16

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-networking:1.2.16 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:1.2.16 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-agent:1.2.16 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:1.2.16 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309	libxml2	HIGH	2.9.12-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:1.2.16 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for gcr.io/gloo-mesh/rbac-webhook:1.2.16 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

Release 1.2.15

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-networking:1.2.15 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:1.2.15 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-agent:1.2.15 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:1.2.15 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309	libxml2	HIGH	2.9.12-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:1.2.15 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for gcr.io/gloo-mesh/rbac-webhook:1.2.15 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

Release 1.2.14

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-networking:1.2.14 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:1.2.14 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-agent:1.2.14 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:1.2.14 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309	libxml2	HIGH	2.9.12-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:1.2.14 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for gcr.io/gloo-mesh/rbac-webhook:1.2.14 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.7	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

Release 1.2.13

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-networking:1.2.13 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.6	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:1.2.13 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.6	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-agent:1.2.13 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.6	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:1.2.13 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309	libxml2	HIGH	2.9.12-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:1.2.13 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for gcr.io/gloo-mesh/rbac-webhook:1.2.13 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.6	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

Release 1.2.12

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-networking:1.2.12 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.6	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:1.2.12 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.6	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-agent:1.2.12 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.6	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:1.2.12 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309	libxml2	HIGH	2.9.12-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:1.2.12 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for gcr.io/gloo-mesh/rbac-webhook:1.2.12 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.6	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

Release 1.2.11

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-networking:1.2.11 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.6	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:1.2.11 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.6	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-agent:1.2.11 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.6	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:1.2.11 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309	libxml2	HIGH	2.9.12-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:1.2.11 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for gcr.io/gloo-mesh/rbac-webhook:1.2.11 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.6	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

Release 1.2.10

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-networking:1.2.10 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.6	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:1.2.10 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.6	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-agent:1.2.10 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.6	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:1.2.10 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309	libxml2	HIGH	2.9.12-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:1.2.10 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for gcr.io/gloo-mesh/rbac-webhook:1.2.10 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.6	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

Release 1.2.9

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-networking:1.2.9 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.6	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:1.2.9 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.6	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-agent:1.2.9 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.6	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:1.2.9 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309	libxml2	HIGH	2.9.12-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:1.2.9 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for gcr.io/gloo-mesh/rbac-webhook:1.2.9 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.6	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

Release 1.2.8

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-networking:1.2.8 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.6	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:1.2.8 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.6	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-agent:1.2.8 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.6	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:1.2.8 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309	libxml2	HIGH	2.9.12-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:1.2.8 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for gcr.io/gloo-mesh/rbac-webhook:1.2.8 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.6	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

Release 1.2.7

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-networking:1.2.7 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.6	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:1.2.7 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.6	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-agent:1.2.7 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.6	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:1.2.7 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309	libxml2	HIGH	2.9.12-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:1.2.7 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for gcr.io/gloo-mesh/rbac-webhook:1.2.7 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.6	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

Release 1.2.6

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-networking:1.2.6 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.6	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:1.2.6 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.6	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/enterprise-agent:1.2.6 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1l-r0	1.1.1t-r0	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149	golang.org/x/text	HIGH	v0.3.6	0.3.8	https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-28948	gopkg.in/yaml.v3	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://avd.aquasec.com/nvd/cve-2022-28948
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:1.2.6 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309	libxml2	HIGH	2.9.12-r0	2.9.14-r1	https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304	libxml2	HIGH	2.9.12-r0	2.9.14-r2	https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:1.2.6 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2023-0286	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.21	https://avd.aquasec.com/nvd/cve-2023-0286

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for gcr.io/gloo