Gloo Mesh Security and CVE report
Gloo Mesh Enterprise container images are scanned using Trivy for HIGH and CRITICAL vulnerabilities.
Latest 2.0.x gloo mesh enterprise Release: 2.0.0
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
No scan found
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
No scan found
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise enterprise-networking image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-ui image
No scan found
Latest 1.2.x gloo mesh enterprise Release: 1.2.26
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-apiserver:1.2.26 (alpine 3.14.2)
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
gloo mesh enterprise rbac-webhook image
No Vulnerabilities Found for quay.io/solo-io/rbac-webhook:1.2.26 (alpine 3.14.2)
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.26 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise enterprise-networking image
No Vulnerabilities Found for quay.io/solo-io/enterprise-networking:1.2.26 (alpine 3.14.2)
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.4 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.4 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise enterprise-agent image
No Vulnerabilities Found for quay.io/solo-io/enterprise-agent:1.2.26 (alpine 3.14.2)
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.4 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.4 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.26 (alpine 3.13.7)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-23308 | libxml2 | HIGH | 2.9.12-r0 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
| CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release 1.2.25
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-apiserver:1.2.25 (alpine 3.14.2)
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
gloo mesh enterprise rbac-webhook image
No Vulnerabilities Found for quay.io/solo-io/rbac-webhook:1.2.25 (alpine 3.14.2)
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.25 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise enterprise-networking image
No Vulnerabilities Found for quay.io/solo-io/enterprise-networking:1.2.25 (alpine 3.14.2)
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.4 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.4 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise enterprise-agent image
No Vulnerabilities Found for quay.io/solo-io/enterprise-agent:1.2.25 (alpine 3.14.2)
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.4 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.4 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.25 (alpine 3.13.7)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-23308 | libxml2 | HIGH | 2.9.12-r0 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
| CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release 1.2.24
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.24 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
gloo mesh enterprise rbac-webhook image
Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.24 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.24 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise enterprise-networking image
Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.24 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.4 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.4 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise enterprise-agent image
Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.24 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.4 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.4 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.24 (alpine 3.13.7)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-23308 | libxml2 | HIGH | 2.9.12-r0 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
| CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release 1.2.23
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.23 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
gloo mesh enterprise rbac-webhook image
Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.23 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.23 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise enterprise-networking image
Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.23 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.4 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.4 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise enterprise-agent image
Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.23 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.4 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.4 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.23 (alpine 3.13.7)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-23308 | libxml2 | HIGH | 2.9.12-r0 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
| CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release 1.2.22
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.22 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
gloo mesh enterprise rbac-webhook image
Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.22 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.22 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise enterprise-networking image
Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.22 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.4 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.4 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise enterprise-agent image
Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.22 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.4 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.4 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.22 (alpine 3.13.7)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-23308 | libxml2 | HIGH | 2.9.12-r0 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
| CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release 1.2.21
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
No scan found
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
No scan found
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise enterprise-networking image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-ui image
No scan found
Release 1.2.20
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.20 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
gloo mesh enterprise rbac-webhook image
Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.20 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.20 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise enterprise-networking image
Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.20 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.4 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.4 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise enterprise-agent image
Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.20 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.4 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.4 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.20 (alpine 3.13.7)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-23308 | libxml2 | HIGH | 2.9.12-r0 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
| CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release 1.2.19
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.19 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
gloo mesh enterprise rbac-webhook image
Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.19 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.19 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise enterprise-networking image
Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.19 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.4 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.4 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise enterprise-agent image
Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.19 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.4 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.4 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.19 (alpine 3.13.7)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-23308 | libxml2 | HIGH | 2.9.12-r0 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
| CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release 1.2.18
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.18 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
gloo mesh enterprise rbac-webhook image
Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.18 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.18 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise enterprise-networking image
Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.18 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.4 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.4 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise enterprise-agent image
Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.18 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.4 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.4 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.18 (alpine 3.13.7)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-23308 | libxml2 | HIGH | 2.9.12-r0 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
| CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release 1.2.17
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.17 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
gloo mesh enterprise rbac-webhook image
Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.17 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.17 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise enterprise-networking image
Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.17 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.4 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.4 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise enterprise-agent image
Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.17 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.4 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.4 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.17 (alpine 3.13.7)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-23308 | libxml2 | HIGH | 2.9.12-r0 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
| CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release 1.2.16
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.16 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
gloo mesh enterprise rbac-webhook image
Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.16 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.16 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise enterprise-networking image
Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.16 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.4 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.4 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise enterprise-agent image
Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.16 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.4 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.4 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.16 (alpine 3.13.7)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-23308 | libxml2 | HIGH | 2.9.12-r0 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
| CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release 1.2.15
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.15 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
gloo mesh enterprise rbac-webhook image
Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.15 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.15 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise enterprise-networking image
Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.15 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.4 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.4 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise enterprise-agent image
Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.15 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.4 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.4 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.15 (alpine 3.13.7)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-23308 | libxml2 | HIGH | 2.9.12-r0 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
| CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release 1.2.14
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.14 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
gloo mesh enterprise rbac-webhook image
Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.14 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.14 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise enterprise-networking image
Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.14 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.4 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.4 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise enterprise-agent image
Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.14 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.4 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.4 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20211117183948-ae814b36b871 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211130175222-4959f6f44728 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.14 (alpine 3.13.7)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-23308 | libxml2 | HIGH | 2.9.12-r0 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
| CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release 1.2.13
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.13 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210711020723-a769d52b0f97 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
gloo mesh enterprise rbac-webhook image
Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.13 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210711020723-a769d52b0f97 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.13 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise enterprise-networking image
Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.13 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210711020723-a769d52b0f97 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise enterprise-agent image
Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.13 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210711020723-a769d52b0f97 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.13 (alpine 3.13.7)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-23308 | libxml2 | HIGH | 2.9.12-r0 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
| CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release 1.2.12
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.12 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210711020723-a769d52b0f97 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
gloo mesh enterprise rbac-webhook image
Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.12 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210711020723-a769d52b0f97 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.12 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise enterprise-networking image
Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.12 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210711020723-a769d52b0f97 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise enterprise-agent image
Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.12 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210711020723-a769d52b0f97 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.12 (alpine 3.13.7)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-23308 | libxml2 | HIGH | 2.9.12-r0 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
| CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release 1.2.11
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.11 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210711020723-a769d52b0f97 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
gloo mesh enterprise rbac-webhook image
Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.11 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210711020723-a769d52b0f97 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.11 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise enterprise-networking image
Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.11 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210711020723-a769d52b0f97 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise enterprise-agent image
Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.11 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210711020723-a769d52b0f97 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.11 (alpine 3.13.7)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-23308 | libxml2 | HIGH | 2.9.12-r0 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
| CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release 1.2.10
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.10 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210711020723-a769d52b0f97 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
gloo mesh enterprise rbac-webhook image
Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.10 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210711020723-a769d52b0f97 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.10 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise enterprise-networking image
Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.10 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210711020723-a769d52b0f97 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise enterprise-agent image
Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.10 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210711020723-a769d52b0f97 | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.10 (alpine 3.13.7)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-23308 | libxml2 | HIGH | 2.9.12-r0 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
| CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release 1.2.9
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.9 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
gloo mesh enterprise rbac-webhook image
Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.9 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.9 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise enterprise-networking image
Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.9 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise enterprise-agent image
Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.9 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.9 (alpine 3.13.7)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-23308 | libxml2 | HIGH | 2.9.12-r0 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
| CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release 1.2.8
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.8 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
gloo mesh enterprise rbac-webhook image
Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.8 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.8 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise enterprise-networking image
Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.8 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise enterprise-agent image
Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.8 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.8 (alpine 3.13.7)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-23308 | libxml2 | HIGH | 2.9.12-r0 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
| CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release 1.2.7
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.7 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
gloo mesh enterprise rbac-webhook image
Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.7 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.7 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise enterprise-networking image
Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.7 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise enterprise-agent image
Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.7 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.7 (alpine 3.13.7)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-23308 | libxml2 | HIGH | 2.9.12-r0 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
| CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release 1.2.6
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.6 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
gloo mesh enterprise rbac-webhook image
Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.6 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.6 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise enterprise-networking image
Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.6 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise enterprise-agent image
Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.6 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.6 (alpine 3.13.7)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-23308 | libxml2 | HIGH | 2.9.12-r0 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
| CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release 1.2.5
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.5 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
gloo mesh enterprise rbac-webhook image
Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.5 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.5 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise enterprise-networking image
Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.5 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise enterprise-agent image
Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.5 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.5 (alpine 3.13.7)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-23308 | libxml2 | HIGH | 2.9.12-r0 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
| CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release 1.2.4
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.4 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
gloo mesh enterprise rbac-webhook image
Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.4 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.4 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise enterprise-networking image
Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.4 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise enterprise-agent image
Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.4 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.4 (alpine 3.13.7)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-23308 | libxml2 | HIGH | 2.9.12-r0 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
| CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release 1.2.3
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.3 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
gloo mesh enterprise rbac-webhook image
Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.3 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.3 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise enterprise-networking image
Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.3 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise enterprise-agent image
Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.3 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.3 (alpine 3.13.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.32.1-r6 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-22945 | curl | CRITICAL | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-22946 | curl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
| CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2021-22945 | libcurl | CRITICAL | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-22946 | libcurl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-23308 | libxml2 | HIGH | 2.9.12-r0 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
| CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.32.1-r6 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release 1.2.2
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.2 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
gloo mesh enterprise rbac-webhook image
Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.2 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.2 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise enterprise-networking image
Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.2 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise enterprise-agent image
Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.2 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20211019135535-77e71d7074d8 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.2 (alpine 3.13.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.32.1-r6 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-22945 | curl | CRITICAL | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-22946 | curl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
| CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2021-22945 | libcurl | CRITICAL | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-22946 | libcurl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-23308 | libxml2 | HIGH | 2.9.12-r0 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
| CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.32.1-r6 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release 1.2.1
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.1 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
gloo mesh enterprise rbac-webhook image
Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.1 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.1 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise enterprise-networking image
Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.1 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise enterprise-agent image
Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.1 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.1 (alpine 3.13.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.32.1-r6 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-22945 | curl | CRITICAL | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-22946 | curl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
| CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2021-22945 | libcurl | CRITICAL | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-22946 | libcurl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-23308 | libxml2 | HIGH | 2.9.12-r0 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
| CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.32.1-r6 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release 1.2.0
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.0 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
gloo mesh enterprise rbac-webhook image
Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.0 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.0 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise enterprise-networking image
Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.0 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise enterprise-agent image
Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.0 (alpine 3.14.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for usr/local/bin/executable
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220315160706-3147a52a75dd | https://avd.aquasec.com/nvd/cve-2022-27191 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.0 (alpine 3.13.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-28391 | busybox | CRITICAL | 1.32.1-r6 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-22945 | curl | CRITICAL | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-22946 | curl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
| CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2021-22945 | libcurl | CRITICAL | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-22946 | libcurl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2022-23308 | libxml2 | HIGH | 2.9.12-r0 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
| CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.32.1-r6 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-42378 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Latest 1.1.x gloo mesh enterprise Release: 1.1.8
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.1.8 (alpine 3.11.12)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-42378 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-42378 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
Vulnerabilities Listed for usr/local/bin/gloo-mesh-apiserver
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 |
gloo mesh enterprise rbac-webhook image
Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.1.8 (alpine 3.11.12)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-42378 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-42378 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
Vulnerabilities Listed for usr/local/bin/rbac-webhook
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 |
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.1.8 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.44 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.44 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise enterprise-networking image
Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.1.8 (alpine 3.11.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-42378 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-42378 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
Vulnerabilities Listed for usr/local/bin/enterprise-networking
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise enterprise-agent image
Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.1.8 (alpine 3.11.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-42378 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-42378 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
Vulnerabilities Listed for usr/local/bin/enterprise-agent
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.1.8 (alpine 3.13.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2022-28391 | busybox | CRITICAL | 1.32.1-r3 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-42378 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-22945 | curl | CRITICAL | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22946 | curl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2021-22945 | libcurl | CRITICAL | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22946 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2022-23308 | libxml2 | HIGH | 2.9.10-r6 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
| CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.32.1-r3 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-42378 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release 1.1.7
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.1.7 (alpine 3.11.12)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-42378 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-42378 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
Vulnerabilities Listed for usr/local/bin/gloo-mesh-apiserver
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 |
gloo mesh enterprise rbac-webhook image
Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.1.7 (alpine 3.11.12)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-42378 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-42378 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
Vulnerabilities Listed for usr/local/bin/rbac-webhook
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 |
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.1.7 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.44 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.44 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise enterprise-networking image
Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.1.7 (alpine 3.11.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-42378 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-42378 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
Vulnerabilities Listed for usr/local/bin/enterprise-networking
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise enterprise-agent image
Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.1.7 (alpine 3.11.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-42378 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-42378 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
Vulnerabilities Listed for usr/local/bin/enterprise-agent
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.1.7 (alpine 3.13.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2022-28391 | busybox | CRITICAL | 1.32.1-r3 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-42378 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-22945 | curl | CRITICAL | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22946 | curl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2021-22945 | libcurl | CRITICAL | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22946 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2022-23308 | libxml2 | HIGH | 2.9.10-r6 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
| CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.32.1-r3 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-42378 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release 1.1.6
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.1.6 (alpine 3.11.12)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-42378 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-42378 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
Vulnerabilities Listed for usr/local/bin/gloo-mesh-apiserver
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 |
gloo mesh enterprise rbac-webhook image
Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.1.6 (alpine 3.11.12)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-42378 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-42378 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
Vulnerabilities Listed for usr/local/bin/rbac-webhook
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 |
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.1.6 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.44 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.44 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise enterprise-networking image
Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.1.6 (alpine 3.11.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-42378 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-42378 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
Vulnerabilities Listed for usr/local/bin/enterprise-networking
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise enterprise-agent image
Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.1.6 (alpine 3.11.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-42378 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-42378 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
Vulnerabilities Listed for usr/local/bin/enterprise-agent
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.1.6 (alpine 3.13.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2022-28391 | busybox | CRITICAL | 1.32.1-r3 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-42378 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-22945 | curl | CRITICAL | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22946 | curl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2021-22945 | libcurl | CRITICAL | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22946 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2022-23308 | libxml2 | HIGH | 2.9.10-r6 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
| CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.32.1-r3 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-42378 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release 1.1.5
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.1.5 (alpine 3.11.12)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-42378 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-42378 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
Vulnerabilities Listed for usr/local/bin/gloo-mesh-apiserver
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 |
gloo mesh enterprise rbac-webhook image
Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.1.5 (alpine 3.11.12)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-42378 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-42378 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
Vulnerabilities Listed for usr/local/bin/rbac-webhook
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 |
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.1.5 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.44 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.44 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise enterprise-networking image
Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.1.5 (alpine 3.11.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-42378 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-42378 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
Vulnerabilities Listed for usr/local/bin/enterprise-networking
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise enterprise-agent image
Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.1.5 (alpine 3.11.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-42378 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-42378 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
Vulnerabilities Listed for usr/local/bin/enterprise-agent
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.1.5 (alpine 3.13.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2022-28391 | busybox | CRITICAL | 1.32.1-r3 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-42378 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-22945 | curl | CRITICAL | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22946 | curl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2021-22945 | libcurl | CRITICAL | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22946 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2022-23308 | libxml2 | HIGH | 2.9.10-r6 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
| CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.32.1-r3 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-42378 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release 1.1.4
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.1.4 (alpine 3.11.12)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-42378 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-42378 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
Vulnerabilities Listed for usr/local/bin/gloo-mesh-apiserver
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 |
gloo mesh enterprise rbac-webhook image
Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.1.4 (alpine 3.11.12)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-42378 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-42378 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
Vulnerabilities Listed for usr/local/bin/rbac-webhook
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 |
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.1.4 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.44 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.44 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise enterprise-networking image
Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.1.4 (alpine 3.11.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-42378 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-42378 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
Vulnerabilities Listed for usr/local/bin/enterprise-networking
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise enterprise-agent image
Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.1.4 (alpine 3.11.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-42378 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-42378 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
Vulnerabilities Listed for usr/local/bin/enterprise-agent
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.1.4 (alpine 3.13.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2022-28391 | busybox | CRITICAL | 1.32.1-r3 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-42378 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-22945 | curl | CRITICAL | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22946 | curl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2021-22945 | libcurl | CRITICAL | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22946 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2022-23308 | libxml2 | HIGH | 2.9.10-r6 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
| CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.32.1-r3 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-42378 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release 1.1.3
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.1.3 (alpine 3.11.11)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-42378 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-42378 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
Vulnerabilities Listed for usr/local/bin/gloo-mesh-apiserver
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 |
gloo mesh enterprise rbac-webhook image
Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.1.3 (alpine 3.11.11)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.6-r0 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-42378 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-42378 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
Vulnerabilities Listed for usr/local/bin/rbac-webhook
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 |
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.1.3 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.44 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.44 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise enterprise-networking image
Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.1.3 (alpine 3.11.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-42378 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-42378 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
Vulnerabilities Listed for usr/local/bin/enterprise-networking
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise enterprise-agent image
Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.1.3 (alpine 3.11.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-42378 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-42378 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
Vulnerabilities Listed for usr/local/bin/enterprise-agent
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.1.3 (alpine 3.13.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2022-28391 | busybox | CRITICAL | 1.32.1-r3 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-42378 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-22945 | curl | CRITICAL | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22946 | curl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2021-22945 | libcurl | CRITICAL | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22946 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2022-23308 | libxml2 | HIGH | 2.9.10-r6 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
| CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.32.1-r3 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-42378 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release 1.1.2
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.1.2 (alpine 3.11.11)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-42378 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-42378 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
Vulnerabilities Listed for usr/local/bin/gloo-mesh-apiserver
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 |
gloo mesh enterprise rbac-webhook image
Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.1.2 (alpine 3.11.11)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.6-r0 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-42378 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-42378 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
Vulnerabilities Listed for usr/local/bin/rbac-webhook
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 |
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.1.2 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.44 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.44 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise enterprise-networking image
Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.1.2 (alpine 3.11.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-42378 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-42378 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
Vulnerabilities Listed for usr/local/bin/enterprise-networking
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise enterprise-agent image
Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.1.2 (alpine 3.11.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-42378 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-42378 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
Vulnerabilities Listed for usr/local/bin/enterprise-agent
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.1.2 (alpine 3.13.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2022-28391 | busybox | CRITICAL | 1.32.1-r3 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-42378 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-22945 | curl | CRITICAL | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22946 | curl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2021-22945 | libcurl | CRITICAL | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22946 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2022-23308 | libxml2 | HIGH | 2.9.10-r6 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
| CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.32.1-r3 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-42378 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release 1.1.1
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.1.1 (alpine 3.11.11)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-42378 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-42378 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
Vulnerabilities Listed for usr/local/bin/gloo-mesh-apiserver
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 |
gloo mesh enterprise rbac-webhook image
Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.1.1 (alpine 3.11.11)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.6-r0 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-42378 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-42378 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
Vulnerabilities Listed for usr/local/bin/rbac-webhook
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 |
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.1.1 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.44 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.44 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise enterprise-networking image
Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.1.1 (alpine 3.11.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-42378 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-42378 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
Vulnerabilities Listed for usr/local/bin/enterprise-networking
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise enterprise-agent image
Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.1.1 (alpine 3.11.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-42378 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-42378 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
Vulnerabilities Listed for usr/local/bin/enterprise-agent
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.1.1 (alpine 3.13.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2022-28391 | busybox | CRITICAL | 1.32.1-r3 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-42378 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-22945 | curl | CRITICAL | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22946 | curl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2021-22945 | libcurl | CRITICAL | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22946 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2022-23308 | libxml2 | HIGH | 2.9.10-r6 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
| CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.32.1-r3 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-42378 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release 1.1.0
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.1.0 (alpine 3.11.11)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-42378 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-42378 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
Vulnerabilities Listed for usr/local/bin/gloo-mesh-apiserver
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 |
gloo mesh enterprise rbac-webhook image
Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.1.0 (alpine 3.11.11)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.10.6-r0 | 2.10.7-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-42378 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-42378 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
Vulnerabilities Listed for usr/local/bin/rbac-webhook
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 |
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.1.0 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-3449 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2021-33910 | libsystemd0 | HIGH | 237-3ubuntu10.44 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-33910 | libudev1 | HIGH | 237-3ubuntu10.44 | 237-3ubuntu10.49 | https://avd.aquasec.com/nvd/cve-2021-33910 |
| CVE-2021-3449 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.9 | https://avd.aquasec.com/nvd/cve-2021-3449 |
| CVE-2021-3711 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.13 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.8 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise enterprise-networking image
Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.1.0 (alpine 3.11.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-42378 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-42378 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
Vulnerabilities Listed for usr/local/bin/enterprise-networking
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise enterprise-agent image
Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.1.0 (alpine 3.11.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-42378 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-42378 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.31.1-r10 | 1.31.1-r11 | https://avd.aquasec.com/nvd/cve-2021-42386 |
Vulnerabilities Listed for usr/local/bin/enterprise-agent
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-41103 | github.com/containerd/containerd | HIGH | v1.4.3 | v1.4.11, v1.5.7 | https://avd.aquasec.com/nvd/cve-2021-41103 |
| CVE-2022-23648 | github.com/containerd/containerd | HIGH | v1.4.3 | 1.4.13, 1.5.10, 1.6.1 | https://avd.aquasec.com/nvd/cve-2022-23648 |
| CVE-2021-41092 | github.com/docker/cli | HIGH | v20.10.3+incompatible | v20.10.9 | https://avd.aquasec.com/nvd/cve-2021-41092 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | v1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2019-19921 | github.com/opencontainers/runc | HIGH | v1.0.0-rc9 | 1.0.0-rc9.0.20200122160610-2fc03cc11c77 | https://avd.aquasec.com/nvd/cve-2019-19921 |
| CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2019-11253 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.13.12, 1.14.8, 1.15.5, 1.16.2 | https://avd.aquasec.com/nvd/cve-2019-11253 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.1.0 (alpine 3.13.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.1-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.1-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2022-28391 | busybox | CRITICAL | 1.32.1-r3 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-28831 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-42378 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | busybox | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2021-22945 | curl | CRITICAL | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22946 | curl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2021-22945 | libcurl | CRITICAL | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22946 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
| CVE-2022-23308 | libxml2 | HIGH | 2.9.10-r6 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
| CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
| CVE-2022-28391 | ssl_client | CRITICAL | 1.32.1-r3 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
| CVE-2021-28831 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r4 | https://avd.aquasec.com/nvd/cve-2021-28831 |
| CVE-2021-42378 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
| CVE-2021-42379 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
| CVE-2021-42380 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
| CVE-2021-42381 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
| CVE-2021-42382 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
| CVE-2021-42383 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
| CVE-2021-42384 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
| CVE-2021-42385 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
| CVE-2021-42386 | ssl_client | HIGH | 1.32.1-r3 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
| CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
| CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |