Navigation :

Security and CVE report

Gloo Mesh Enterprise container images are scanned using Trivy for HIGH and CRITICAL vulnerabilities.

Latest 2.0.x gloo mesh enterprise Release: 2.0.23

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-apiserver:2.0.23 (alpine 3.14.2)

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.23 (alpine 3.14.2)

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-ui:2.0.23 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.23 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.23 (alpine 3.14.2)

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-agent:2.0.23 (alpine 3.14.2)

Release 2.0.22

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-apiserver:2.0.22 (alpine 3.14.2)

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.22 (alpine 3.14.2)

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-ui:2.0.22 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.22 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.22 (alpine 3.14.2)

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-agent:2.0.22 (alpine 3.14.2)

Release 2.0.21

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-apiserver:2.0.21 (alpine 3.14.2)

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.21 (alpine 3.14.2)

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-ui:2.0.21 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.21 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.21 (alpine 3.14.2)

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-agent:2.0.21 (alpine 3.14.2)

Release 2.0.20

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-apiserver:2.0.20 (alpine 3.14.2)

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.20 (alpine 3.14.2)

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-ui:2.0.20 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.20 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.20 (alpine 3.14.2)

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-agent:2.0.20 (alpine 3.14.2)

Release 2.0.19

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-apiserver:2.0.19 (alpine 3.14.2)

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.19 (alpine 3.14.2)

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-ui:2.0.19 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.19 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.19 (alpine 3.14.2)

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-agent:2.0.19 (alpine 3.14.2)

Release 2.0.18

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-apiserver:2.0.18 (alpine 3.14.2)

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.18 (alpine 3.14.2)

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-ui:2.0.18 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.18 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.18 (alpine 3.14.2)

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-agent:2.0.18 (alpine 3.14.2)

Release 2.0.17

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-apiserver:2.0.17 (alpine 3.14.2)

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.17 (alpine 3.14.2)

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-ui:2.0.17 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.17 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.17 (alpine 3.14.2)

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-agent:2.0.17 (alpine 3.14.2)

Release 2.0.16

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-apiserver:2.0.16 (alpine 3.14.2)

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.16 (alpine 3.14.2)

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-ui:2.0.16 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.16 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.16 (alpine 3.14.2)

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-agent:2.0.16 (alpine 3.14.2)

Release 2.0.15

gloo mesh enterprise gloo-mesh-apiserver image

No scan found

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

No scan found

gloo mesh enterprise gloo-mesh-envoy image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No scan found

Release 2.0.14

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-apiserver:2.0.14 (alpine 3.14.2)

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.14 (alpine 3.14.2)

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.0.14 (alpine 3.15.4)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32207	curl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-27780	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27405	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-32207	libcurl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-27780	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-29458	ncurses-libs	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.14 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.14 (alpine 3.14.2)

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-agent:2.0.14 (alpine 3.14.2)

Release 2.0.13

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:2.0.13 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.13 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.0.13 (alpine 3.15.4)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32207	curl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-27780	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27405	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-32207	libcurl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-27780	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-29458	ncurses-libs	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.13 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.13 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-agent:2.0.13 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Release 2.0.12

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:2.0.12 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.12 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.0.12 (alpine 3.15.4)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32207	curl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-27780	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27405	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-32207	libcurl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-27780	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-29458	ncurses-libs	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.12 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.12 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-agent:2.0.12 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Release 2.0.11

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:2.0.11 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.11 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.0.11 (alpine 3.15.4)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32207	curl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-27780	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27405	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-32207	libcurl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-27780	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-29458	ncurses-libs	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.11 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.11 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-agent:2.0.11 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Release 2.0.10

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:2.0.10 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.10 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.0.10 (alpine 3.15.4)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32207	curl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-27780	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27405	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-32207	libcurl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-27780	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-29458	ncurses-libs	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.10 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.10 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-agent:2.0.10 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Release 2.0.9

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:2.0.9 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.9 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.0.9 (alpine 3.15.4)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32207	curl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-27780	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27405	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-32207	libcurl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-27780	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-29458	ncurses-libs	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.9 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.9 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-agent:2.0.9 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Release 2.0.8

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:2.0.8 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.8 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.0.8 (alpine 3.15.4)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32207	curl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-27780	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27405	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-32207	libcurl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-27780	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-29458	ncurses-libs	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.8 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.8 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-agent:2.0.8 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Release 2.0.7

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:2.0.7 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.7 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.0.7 (alpine 3.15.4)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32207	curl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-27780	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27405	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-32207	libcurl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-27780	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-29458	ncurses-libs	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.7 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.7 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-agent:2.0.7 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Release 2.0.6

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:2.0.6 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.6 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.0.6 (alpine 3.15.4)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32207	curl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-27780	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27405	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-32207	libcurl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-27780	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-29458	ncurses-libs	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.6 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.6 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-agent:2.0.6 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Release 2.0.5

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:2.0.5 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.5 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.0.5 (alpine 3.15.4)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32207	curl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-27780	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27405	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-32207	libcurl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-27780	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-29458	ncurses-libs	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.5 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.5 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-agent:2.0.5 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Release 2.0.4

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:2.0.4 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.4 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.0.4 (alpine 3.15.4)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32207	curl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-27780	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27405	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-32207	libcurl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-27780	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-29458	ncurses-libs	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.4 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.4 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-agent:2.0.4 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Release 2.0.3

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:2.0.3 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.3 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.0.3 (alpine 3.15.4)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32207	curl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-27780	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27405	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.11.1-r1	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-32207	libcurl	CRITICAL	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-27780	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.80.0-r1	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-29458	ncurses-libs	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.3 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.3 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-agent:2.0.3 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Release 2.0.2

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:2.0.2 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.2 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.0.2 (alpine 3.15.4)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32207	curl	CRITICAL	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.80.0-r0	7.80.0-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.80.0-r0	7.80.0-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27780	curl	HIGH	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	curl	HIGH	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.11.1-r0	2.11.1-r1	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.11.1-r0	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.11.1-r0	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-32207	libcurl	CRITICAL	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.80.0-r0	7.80.0-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.80.0-r0	7.80.0-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27780	libcurl	HIGH	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	libcurl	HIGH	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-29458	ncurses-libs	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.2 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.2 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-agent:2.0.2 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Release 2.0.1

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:2.0.1 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.1 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.0.1 (alpine 3.15.4)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32207	curl	CRITICAL	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.80.0-r0	7.80.0-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.80.0-r0	7.80.0-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27780	curl	HIGH	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	curl	HIGH	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.11.1-r0	2.11.1-r1	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.11.1-r0	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.11.1-r0	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-32207	libcurl	CRITICAL	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.80.0-r0	7.80.0-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.80.0-r0	7.80.0-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27780	libcurl	HIGH	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	libcurl	HIGH	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-29458	ncurses-libs	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.1 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.1 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-agent:2.0.1 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Release 2.0.0

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:2.0.0 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.0 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.0.0 (alpine 3.15.4)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-32207	curl	CRITICAL	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.80.0-r0	7.80.0-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.80.0-r0	7.80.0-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27780	curl	HIGH	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	curl	HIGH	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.11.1-r0	2.11.1-r1	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.11.1-r0	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.11.1-r0	2.11.1-r2	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-32207	libcurl	CRITICAL	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.80.0-r0	7.80.0-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.80.0-r0	7.80.0-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27780	libcurl	HIGH	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781	libcurl	HIGH	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.80.0-r0	7.80.0-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-29458	ncurses-libs	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.3_p20211120-r0	6.3_p20211120-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587	pcre2	CRITICAL	10.39-r0	10.40-r0	https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.0 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.0 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-agent:2.0.0 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Latest 1.2.x gloo mesh enterprise Release: 1.2.30

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.30 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.30 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.30 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.30 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.30 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.30 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No scan found

Release 1.2.29

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.29 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.29 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.29 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.29 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.29 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.29 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No scan found

Release 1.2.28

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.28 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.28 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.28 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.28 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.28 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.28 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No scan found

Release 1.2.27

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.27 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.27 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.27 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.27 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r1	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.27 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.27 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No scan found

Release 1.2.26

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.26 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.26 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.26 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.26 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.26 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.26 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No scan found

Release 1.2.25

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.25 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.25 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.25 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.25 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-37434	zlib	CRITICAL	1.2.12-r0	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.25 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.25 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No scan found

Release 1.2.24

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.24 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.24 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.24 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.24 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.24 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.24 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No scan found

Release 1.2.23

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.23 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.23 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.23 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.23 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.23 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.23 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No scan found

Release 1.2.22

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.22 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.22 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.22 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.22 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.22 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.22 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No scan found

Release 1.2.21

gloo mesh enterprise gloo-mesh-apiserver image

No scan found

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise gloo-mesh-ui image

No scan found

gloo mesh enterprise gloo-mesh-envoy image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No scan found

Release 1.2.20

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.20 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.20 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.20 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.20 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.20 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.20 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No scan found

Release 1.2.19

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.19 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.19 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.19 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.19 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.19 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.19 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No scan found

Release 1.2.18

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.18 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.18 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.18 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.18 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.18 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.18 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No scan found

Release 1.2.17

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.17 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.17 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.17 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.17 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.17 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.17 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No scan found

Release 1.2.16

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.16 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.16 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.16 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.16 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.16 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.16 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No scan found

Release 1.2.15

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.15 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.15 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.15 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.15 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.15 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.15 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No scan found

Release 1.2.14

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.14 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.14 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.14 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.14 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.4	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.4	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211130175222-4959f6f44728	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211130175222-4959f6f44728	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.14 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.14 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No scan found

Release 1.2.13

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.13 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.13 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.13 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.13 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.13 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.13 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No scan found

Release 1.2.12

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.12 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.12 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.12 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.12 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.12 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.12 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No scan found

Release 1.2.11

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.11 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.11 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.11 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.11 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.11 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.11 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No scan found

Release 1.2.10

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.10 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.10 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.10 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.10 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.10 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.10 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No scan found

Release 1.2.9

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.9 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.9 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.9 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.9 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.9 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.9 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No scan found

Release 1.2.8

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.8 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.8 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.8 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.8 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.8 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.8 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No scan found

Release 1.2.7

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.7 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.7 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.7 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.7 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.7 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.7 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No scan found

Release 1.2.6

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.6 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.6 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.6 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.6 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.6 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.6 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No scan found

Release 1.2.5

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.5 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.5 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.5 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.5 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.5 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.5 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No scan found

Release 1.2.4

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.4 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.4 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.4 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.4 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391	ssl_client	HIGH	1.33.1-r6	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.4 (alpine 3.13.7)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-28391	busybox	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207	curl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207	libcurl	CRITICAL	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.79.1-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.79.1-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391	ssl_client	HIGH	1.32.1-r7	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r7	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.4 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No scan found

Release 1.2.3

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.3 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-42378	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	busybox	HIGH	1.33.1-r3	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-42378	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	ssl_client	HIGH	1.33.1-r3	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.3 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-42378	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	busybox	HIGH	1.33.1-r3	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-42378	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	ssl_client	HIGH	1.33.1-r3	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.3 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-42378	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	busybox	HIGH	1.33.1-r3	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-42378	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	ssl_client	HIGH	1.33.1-r3	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.3 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-42378	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	busybox	HIGH	1.33.1-r3	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-42378	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	ssl_client	HIGH	1.33.1-r3	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.3 (alpine 3.13.6)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-42378	busybox	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	busybox	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	busybox	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	busybox	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	busybox	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	busybox	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	busybox	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	busybox	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	busybox	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	busybox	HIGH	1.32.1-r6	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r6	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2021-22945	curl	CRITICAL	7.78.0-r0	7.79.0-r0	https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2022-32207	curl	CRITICAL	7.78.0-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2021-22946	curl	HIGH	7.78.0-r0	7.79.0-r0	https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2022-22576	curl	HIGH	7.78.0-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.78.0-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.78.0-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.78.0-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-22945	libcurl	CRITICAL	7.78.0-r0	7.79.0-r0	https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2022-32207	libcurl	CRITICAL	7.78.0-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2021-22946	libcurl	HIGH	7.78.0-r0	7.79.0-r0	https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2022-22576	libcurl	HIGH	7.78.0-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.78.0-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.78.0-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.78.0-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2021-42378	ssl_client	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	ssl_client	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	ssl_client	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	ssl_client	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	ssl_client	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	ssl_client	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	ssl_client	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	ssl_client	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	ssl_client	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	ssl_client	HIGH	1.32.1-r6	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r6	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.3 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No scan found

Release 1.2.2

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.2 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-42378	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	busybox	HIGH	1.33.1-r3	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-42378	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	ssl_client	HIGH	1.33.1-r3	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.2 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-42378	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	busybox	HIGH	1.33.1-r3	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-42378	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	ssl_client	HIGH	1.33.1-r3	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.2 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-42378	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	busybox	HIGH	1.33.1-r3	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-42378	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	ssl_client	HIGH	1.33.1-r3	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.2 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-42378	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	busybox	HIGH	1.33.1-r3	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-42378	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	ssl_client	HIGH	1.33.1-r3	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20211019135535-77e71d7074d8	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20211019135535-77e71d7074d8	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.2 (alpine 3.13.6)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-42378	busybox	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	busybox	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	busybox	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	busybox	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	busybox	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	busybox	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	busybox	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	busybox	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	busybox	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	busybox	HIGH	1.32.1-r6	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r6	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2021-22945	curl	CRITICAL	7.78.0-r0	7.79.0-r0	https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2022-32207	curl	CRITICAL	7.78.0-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2021-22946	curl	HIGH	7.78.0-r0	7.79.0-r0	https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2022-22576	curl	HIGH	7.78.0-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.78.0-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.78.0-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.78.0-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-22945	libcurl	CRITICAL	7.78.0-r0	7.79.0-r0	https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2022-32207	libcurl	CRITICAL	7.78.0-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2021-22946	libcurl	HIGH	7.78.0-r0	7.79.0-r0	https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2022-22576	libcurl	HIGH	7.78.0-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.78.0-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.78.0-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.78.0-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2021-42378	ssl_client	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	ssl_client	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	ssl_client	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	ssl_client	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	ssl_client	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	ssl_client	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	ssl_client	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	ssl_client	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	ssl_client	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	ssl_client	HIGH	1.32.1-r6	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r6	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.2 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No scan found

Release 1.2.1

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.1 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-42378	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	busybox	HIGH	1.33.1-r3	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-42378	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	ssl_client	HIGH	1.33.1-r3	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.1 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-42378	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	busybox	HIGH	1.33.1-r3	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-42378	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	ssl_client	HIGH	1.33.1-r3	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.1 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-42378	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	busybox	HIGH	1.33.1-r3	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-42378	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	ssl_client	HIGH	1.33.1-r3	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20210423173126-13fb8ac89420	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20210423173126-13fb8ac89420	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20210423173126-13fb8ac89420	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20210423173126-13fb8ac89420	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20210423173126-13fb8ac89420	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.1 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-42378	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	busybox	HIGH	1.33.1-r3	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-42378	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	ssl_client	HIGH	1.33.1-r3	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20210423173126-13fb8ac89420	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20210423173126-13fb8ac89420	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20210423173126-13fb8ac89420	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20210423173126-13fb8ac89420	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20210423173126-13fb8ac89420	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.1 (alpine 3.13.6)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-42378	busybox	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	busybox	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	busybox	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	busybox	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	busybox	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	busybox	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	busybox	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	busybox	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	busybox	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	busybox	HIGH	1.32.1-r6	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r6	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2021-22945	curl	CRITICAL	7.78.0-r0	7.79.0-r0	https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2022-32207	curl	CRITICAL	7.78.0-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2021-22946	curl	HIGH	7.78.0-r0	7.79.0-r0	https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2022-22576	curl	HIGH	7.78.0-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.78.0-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.78.0-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.78.0-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-22945	libcurl	CRITICAL	7.78.0-r0	7.79.0-r0	https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2022-32207	libcurl	CRITICAL	7.78.0-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2021-22946	libcurl	HIGH	7.78.0-r0	7.79.0-r0	https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2022-22576	libcurl	HIGH	7.78.0-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.78.0-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.78.0-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.78.0-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2021-42378	ssl_client	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	ssl_client	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	ssl_client	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	ssl_client	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	ssl_client	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	ssl_client	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	ssl_client	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	ssl_client	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	ssl_client	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	ssl_client	HIGH	1.32.1-r6	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r6	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.1 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No scan found

Release 1.2.0

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.0 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-42378	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	busybox	HIGH	1.33.1-r3	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-42378	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	ssl_client	HIGH	1.33.1-r3	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.0 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-42378	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	busybox	HIGH	1.33.1-r3	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-42378	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	ssl_client	HIGH	1.33.1-r3	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.0 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-42378	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	busybox	HIGH	1.33.1-r3	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-42378	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	ssl_client	HIGH	1.33.1-r3	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20210423173126-13fb8ac89420	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20210423173126-13fb8ac89420	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20210423173126-13fb8ac89420	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20210423173126-13fb8ac89420	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20210423173126-13fb8ac89420	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.0 (alpine 3.14.2)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-42378	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	busybox	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	busybox	HIGH	1.33.1-r3	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libretls	HIGH	3.3.3p1-r2	3.3.3p1-r3	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-42378	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	ssl_client	HIGH	1.33.1-r3	1.33.1-r6	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	ssl_client	HIGH	1.33.1-r3	1.33.1-r7	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996	github.com/emicklei/go-restful	CRITICAL	v2.11.1+incompatible	2.16.0	https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	v1.1.2	https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561	golang.org/x/text	HIGH	v0.3.6	0.3.7	https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-31045	istio.io/istio	CRITICAL	v0.0.0-20210423173126-13fb8ac89420	1.12.18, 1.13.5, 1.14.1	https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20210423173126-13fb8ac89420	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20210423173126-13fb8ac89420	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155	istio.io/istio	HIGH	v0.0.0-20210423173126-13fb8ac89420	1.9.8, 1.10.4, 1.11.1	https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635	istio.io/istio	HIGH	v0.0.0-20210423173126-13fb8ac89420	1.13.1, 1.11.7, 1.11.7	https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.0 (alpine 3.13.6)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-42378	busybox	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	busybox	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	busybox	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	busybox	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	busybox	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	busybox	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	busybox	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	busybox	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	busybox	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	busybox	HIGH	1.32.1-r6	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	busybox	HIGH	1.32.1-r6	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2021-22945	curl	CRITICAL	7.78.0-r0	7.79.0-r0	https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2022-32207	curl	CRITICAL	7.78.0-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2021-22946	curl	HIGH	7.78.0-r0	7.79.0-r0	https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2022-22576	curl	HIGH	7.78.0-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	curl	HIGH	7.78.0-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	curl	HIGH	7.78.0-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	curl	HIGH	7.78.0-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404	freetype	CRITICAL	2.10.4-r1	2.10.4-r2	https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406	freetype	HIGH	2.10.4-r1	2.10.4-r3	https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-22945	libcurl	CRITICAL	7.78.0-r0	7.79.0-r0	https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2022-32207	libcurl	CRITICAL	7.78.0-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2021-22946	libcurl	HIGH	7.78.0-r0	7.79.0-r0	https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2022-22576	libcurl	HIGH	7.78.0-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775	libcurl	HIGH	7.78.0-r0	7.79.1-r1	https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781	libcurl	HIGH	7.78.0-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782	libcurl	HIGH	7.78.0-r0	7.79.1-r2	https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778	libssl1.1	HIGH	1.1.1l-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-23308	libxml2	HIGH	2.9.12-r0	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458	ncurses-libs	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458	ncurses-terminfo-base	HIGH	6.2_p20210109-r0	6.2_p20210109-r1	https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2021-42378	ssl_client	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	ssl_client	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	ssl_client	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	ssl_client	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	ssl_client	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	ssl_client	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	ssl_client	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	ssl_client	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	ssl_client	HIGH	1.32.1-r6	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391	ssl_client	HIGH	1.32.1-r6	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065	ssl_client	HIGH	1.32.1-r6	1.32.1-r9	https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434	zlib	CRITICAL	1.2.11-r3	1.2.12-r2	https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.0 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.13	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No scan found

Latest 1.1.x gloo mesh enterprise Release: 1.1.8

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.1.8 (alpine 3.11.12)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-42378	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/gloo-mesh-apiserver

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.1.8 (alpine 3.11.12)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-42378	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/rbac-webhook

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.1.8 (alpine 3.11.6)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-42378	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/enterprise-networking

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20210423173126-13fb8ac89420	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20210423173126-13fb8ac89420	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.1.8 (alpine 3.11.6)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-42378	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/enterprise-agent

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20210423173126-13fb8ac89420	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20210423173126-13fb8ac89420	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.1.8 (alpine 3.13.3)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-36159	apk-tools	CRITICAL	2.12.1-r0	2.12.6-r0	https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139	apk-tools	HIGH	2.12.1-r0	2.12.5-r0	https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2022-28391	busybox	CRITICAL	1.32.1-r3	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-28831	busybox	HIGH	1.32.1-r3	1.32.1-r4	https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-42378	busybox	HIGH	1.32.1-r3	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	busybox	HIGH	1.32.1-r3	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	busybox	HIGH	1.32.1-r3	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	busybox	HIGH	1.32.1-r3	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	busybox	HIGH	1.32.1-r3	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	busybox	HIGH	1.32.1-r3	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	busybox	HIGH	1.32.1-r3	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	busybox	HIGH	1.32.1-r3	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	busybox	HIGH	1.32.1-r3	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-22945	curl	CRITICAL	7.74.0-r1	7.79.0-r0	https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901	curl	HIGH	7.74.0-r1	7.77.0-r0	https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946	curl	HIGH	7.74.0-r1	7.79.0-r0	https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-3711	libcrypto1.1	CRITICAL	1.1.1k-r0	1.1.1l-r0	https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712	libcrypto1.1	HIGH	1.1.1k-r0	1.1.1l-r0	https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1k-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-22945	libcurl	CRITICAL	7.74.0-r1	7.79.0-r0	https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901	libcurl	HIGH	7.74.0-r1	7.77.0-r0	https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946	libcurl	HIGH	7.74.0-r1	7.79.0-r0	https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-33560	libgcrypt	HIGH	1.8.7-r0	1.8.8-r0	https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711	libssl1.1	CRITICAL	1.1.1k-r0	1.1.1l-r0	https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712	libssl1.1	HIGH	1.1.1k-r0	1.1.1l-r0	https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2022-0778	libssl1.1	HIGH	1.1.1k-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-3517	libxml2	HIGH	2.9.10-r6	2.9.10-r7	https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518	libxml2	HIGH	2.9.10-r6	2.9.10-r7	https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2022-23308	libxml2	HIGH	2.9.10-r6	2.9.13-r0	https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560	libxslt	HIGH	1.1.34-r0	1.1.35-r0	https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-28391	ssl_client	CRITICAL	1.32.1-r3	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-28831	ssl_client	HIGH	1.32.1-r3	1.32.1-r4	https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-42378	ssl_client	HIGH	1.32.1-r3	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	ssl_client	HIGH	1.32.1-r3	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	ssl_client	HIGH	1.32.1-r3	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	ssl_client	HIGH	1.32.1-r3	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	ssl_client	HIGH	1.32.1-r3	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	ssl_client	HIGH	1.32.1-r3	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	ssl_client	HIGH	1.32.1-r3	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	ssl_client	HIGH	1.32.1-r3	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	ssl_client	HIGH	1.32.1-r3	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-1271	xz-libs	HIGH	5.2.5-r0	5.2.5-r1	https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2018-25032	zlib	HIGH	1.2.11-r3	1.2.12-r0	https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.1.8 (ubuntu 18.04)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-3449	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.8	1.1.1-1ubuntu2.1~18.04.9	https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.8	1.1.1-1ubuntu2.1~18.04.13	https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2022-0778	libssl1.1	HIGH	1.1.1-1ubuntu2.1~18.04.8	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-33910	libsystemd0	HIGH	237-3ubuntu10.44	237-3ubuntu10.49	https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910	libudev1	HIGH	237-3ubuntu10.44	237-3ubuntu10.49	https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.8	1.1.1-1ubuntu2.1~18.04.9	https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.8	1.1.1-1ubuntu2.1~18.04.13	https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2022-0778	openssl	HIGH	1.1.1-1ubuntu2.1~18.04.8	1.1.1-1ubuntu2.1~18.04.15	https://avd.aquasec.com/nvd/cve-2022-0778

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-agent image

No scan found

Release 1.1.7

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.1.7 (alpine 3.11.12)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-42378	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/gloo-mesh-apiserver

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.1.7 (alpine 3.11.12)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-42378	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/rbac-webhook

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.1.7 (alpine 3.11.6)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-42378	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/enterprise-networking

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160	github.com/dgrijalva/jwt-go	HIGH	v3.2.0+incompatible		https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20210423173126-13fb8ac89420	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20210423173126-13fb8ac89420	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.1.7 (alpine 3.11.6)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-42378	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	busybox	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	ssl_client	HIGH	1.31.1-r10	1.31.1-r11	https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/enterprise-agent

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-41103	github.com/containerd/containerd	HIGH	v1.4.3	v1.4.11, v1.5.7	https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648	github.com/containerd/containerd	HIGH	v1.4.3	1.4.13, 1.5.10, 1.6.1	https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2021-41092	github.com/docker/cli	HIGH	v20.10.3+incompatible	v20.10.9	https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2014-9356	github.com/moby/moby	HIGH	v0.7.3-0.20190826074503-38ab9da00309	v1.3.3	https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921	github.com/opencontainers/runc	HIGH	v1.0.0-rc9	1.0.0-rc9.0.20200122160610-2fc03cc11c77	https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2019-12995	istio.io/istio	HIGH	v0.0.0-20210423173126-13fb8ac89420	v1.2.2	https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993	istio.io/istio	HIGH	v0.0.0-20210423173126-13fb8ac89420	v1.2.4	https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2019-11253	k8s.io/kubernetes	HIGH	v1.13.0	1.13.12, 1.14.8, 1.15.5, 1.16.2	https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558	k8s.io/kubernetes	HIGH	v1.13.0	1.16.11, 1.17.7, 1.18.4	https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741	k8s.io/kubernetes	HIGH	v1.13.0	1.19.15, 1.20.11, 1.21.5, 1.22.2	https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.1.7 (alpine 3.13.3)

Vulnerability ID	Package	Severity	Installed Version	Fixed Version	Reference
CVE-2021-36159	apk-tools	CRITICAL	2.12.1-r0	2.12.6-r0	https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139	apk-tools	HIGH	2.12.1-r0	2.12.5-r0	https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2022-28391	busybox	CRITICAL	1.32.1-r3	1.32.1-r8	https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-28831	busybox	HIGH	1.32.1-r3	1.32.1-r4	https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-42378	busybox	HIGH	1.32.1-r3	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379	busybox	HIGH	1.32.1-r3	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380	busybox	HIGH	1.32.1-r3	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381	busybox	HIGH	1.32.1-r3	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382	busybox	HIGH	1.32.1-r3	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383	busybox	HIGH	1.32.1-r3	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384	busybox	HIGH	1.32.1-r3	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385	busybox	HIGH	1.32.1-r3	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386	busybox	HIGH	1.32.1-r3	1.32.1-r7	https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-22945	curl	CRITICAL	7.74.0-r1	7.79.0-r0	https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901	curl	HIGH	7.74.0-r1	7.77.0-r0	https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946	curl	HIGH	7.74.0-r1	7.79.0-r0	https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-3711	libcrypto1.1	CRITICAL	1.1.1k-r0	1.1.1l-r0	https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712	libcrypto1.1	HIGH	1.1.1k-r0	1.1.1l-r0	https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2022-0778	libcrypto1.1	HIGH	1.1.1k-r0	1.1.1n-r0	https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-22945	libcurl	CRITICAL	7.74.0-r1	7.79.0-r0	https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901	libcurl	HIGH	7.74.0-r1	7.77.0-r0	https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946	libcurl	HIGH	7.74.0-r1	7.79.0-r0	https://avd.aquasec.com/nvd/cve-2021-22946</