Security and CVE report

Gloo Platform container images are scanned using Trivy for HIGH and CRITICAL vulnerabilities.

How does Solo fix CVEs?

For OS vulnerabilities that are part of the Istio image, Solo waits for the CVE patch to be provided by the Istio community before releasing a new Solo image. According to the Istio CVE policy, critical CVEs that are found in Istio or that are exploitable through Istio are fixed by the Istio community as soon as possible, and released outside the regular release cycle. Fixes for non-critical CVEs are usually provided as part of the regular Istio release cycle.

For vulnerabilities that are found in a component that Solo controls, such as the image for the Gloo management server, Solo is responsible to provide a security patch. The patch is released as soon as it is available, independently from any Istio release.

Security and CVE scan

Latest 2.2.x gloo mesh enterprise Release: 2.2.1

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

No scan found

gloo mesh enterprise gloo-mesh-ui image

No scan found

gloo mesh enterprise gloo-mesh-envoy image

No scan found

Release 2.2.0

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-agent:2.2.0 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-istiod-agent:2.2.0 (alpine 3.16.2)

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-mgmt-server:2.2.0 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-apiserver:2.2.0 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.2.0 (alpine 3.16.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-43551 curl HIGH 7.83.1-r4 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-43551 libcurl HIGH 7.83.1-r4 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-envoy:2.2.0 (ubuntu 18.04)

Latest 2.1.x gloo mesh enterprise Release: 2.1.5

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

No scan found

gloo mesh enterprise gloo-mesh-ui image

No scan found

gloo mesh enterprise gloo-mesh-envoy image

No scan found

Release 2.1.4

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-agent:2.1.4 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-istiod-agent:2.1.4 (alpine 3.16.2)

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-mgmt-server:2.1.4 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-apiserver:2.1.4 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.1.4 (alpine 3.16.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-43551 curl HIGH 7.83.1-r4 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-43551 libcurl HIGH 7.83.1-r4 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-envoy:2.1.4 (ubuntu 18.04)

Release 2.1.3

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-agent:2.1.3 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-istiod-agent:2.1.3 (alpine 3.16.2)

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-mgmt-server:2.1.3 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-apiserver:2.1.3 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.1.3 (alpine 3.16.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-43551 curl HIGH 7.83.1-r4 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-43551 libcurl HIGH 7.83.1-r4 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-envoy:2.1.3 (ubuntu 18.04)

Release 2.1.2

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-agent:2.1.2 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-istiod-agent:2.1.2 (alpine 3.16.2)

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-mgmt-server:2.1.2 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-apiserver:2.1.2 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.1.2 (alpine 3.16.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-43551 curl HIGH 7.83.1-r4 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-43551 libcurl HIGH 7.83.1-r4 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-envoy:2.1.2 (ubuntu 18.04)

Release 2.1.1

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-agent:2.1.1 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-istiod-agent:2.1.1 (alpine 3.16.2)

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-mgmt-server:2.1.1 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-apiserver:2.1.1 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.1.1 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-envoy:2.1.1 (ubuntu 18.04)

Release 2.1.0

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-agent:2.1.0 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-istiod-agent:2.1.0 (alpine 3.16.2)

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-mgmt-server:2.1.0 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-apiserver:2.1.0 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.1.0 (alpine 3.16.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-envoy:2.1.0 (ubuntu 18.04)

Latest 2.0.x gloo mesh enterprise Release: 2.0.24

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-agent:2.0.24 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.24 (alpine 3.16.2)

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.24 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-apiserver:2.0.24 (alpine 3.16.2)

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.0.24 (alpine 3.16.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r3 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r3 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-40303 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r1 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-envoy:2.0.24 (ubuntu 18.04)

Release 2.0.23

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-agent:2.0.23 (alpine 3.14.2)

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.23 (alpine 3.14.2)

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.23 (alpine 3.14.2)

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-apiserver:2.0.23 (alpine 3.14.2)

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.0.23 (alpine 3.16.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.23 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 2.0.22

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-agent:2.0.22 (alpine 3.14.2)

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.22 (alpine 3.14.2)

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.22 (alpine 3.14.2)

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-apiserver:2.0.22 (alpine 3.14.2)

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.0.22 (alpine 3.16.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.22 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 2.0.21

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-agent:2.0.21 (alpine 3.14.2)

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.21 (alpine 3.14.2)

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.21 (alpine 3.14.2)

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-apiserver:2.0.21 (alpine 3.14.2)

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.0.21 (alpine 3.16.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.21 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 2.0.20

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-agent:2.0.20 (alpine 3.14.2)

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.20 (alpine 3.14.2)

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.20 (alpine 3.14.2)

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-apiserver:2.0.20 (alpine 3.14.2)

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.0.20 (alpine 3.16.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.20 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 2.0.19

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-agent:2.0.19 (alpine 3.14.2)

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.19 (alpine 3.14.2)

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.19 (alpine 3.14.2)

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-apiserver:2.0.19 (alpine 3.14.2)

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.0.19 (alpine 3.16.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.19 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 2.0.18

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-agent:2.0.18 (alpine 3.14.2)

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.18 (alpine 3.14.2)

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.18 (alpine 3.14.2)

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-apiserver:2.0.18 (alpine 3.14.2)

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.0.18 (alpine 3.16.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.18 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 2.0.17

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-agent:2.0.17 (alpine 3.14.2)

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.17 (alpine 3.14.2)

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.17 (alpine 3.14.2)

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-apiserver:2.0.17 (alpine 3.14.2)

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.0.17 (alpine 3.16.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.17 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 2.0.16

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-agent:2.0.16 (alpine 3.14.2)

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.16 (alpine 3.14.2)

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.16 (alpine 3.14.2)

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-apiserver:2.0.16 (alpine 3.14.2)

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.0.16 (alpine 3.16.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32221 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 curl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-32221 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-42916 libcurl HIGH 7.83.1-r2 7.83.1-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.83.1-r2 7.83.1-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.16 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 2.0.15

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

No scan found

gloo mesh enterprise gloo-mesh-ui image

No scan found

gloo mesh enterprise gloo-mesh-envoy image

No scan found

Release 2.0.14

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-agent:2.0.14 (alpine 3.14.2)

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.14 (alpine 3.14.2)

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.14 (alpine 3.14.2)

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-apiserver:2.0.14 (alpine 3.14.2)

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.0.14 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32207 curl CRITICAL 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221 curl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780 curl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781 curl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916 curl HIGH 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.80.0-r1 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-27405 freetype HIGH 2.11.1-r1 2.11.1-r2 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.11.1-r1 2.11.1-r2 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-32207 libcurl CRITICAL 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221 libcurl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916 libcurl HIGH 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r1 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-29458 ncurses-libs HIGH 6.3_p20211120-r0 6.3_p20211120-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.3_p20211120-r0 6.3_p20211120-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586 pcre2 CRITICAL 10.39-r0 10.40-r0 https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587 pcre2 CRITICAL 10.39-r0 10.40-r0 https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-37434 zlib CRITICAL 1.2.12-r0 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.14 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 2.0.13

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-agent:2.0.13 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.13 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.13 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:2.0.13 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.0.13 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32207 curl CRITICAL 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221 curl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780 curl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781 curl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916 curl HIGH 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.80.0-r1 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-27405 freetype HIGH 2.11.1-r1 2.11.1-r2 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.11.1-r1 2.11.1-r2 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-32207 libcurl CRITICAL 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221 libcurl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916 libcurl HIGH 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r1 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-29458 ncurses-libs HIGH 6.3_p20211120-r0 6.3_p20211120-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.3_p20211120-r0 6.3_p20211120-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586 pcre2 CRITICAL 10.39-r0 10.40-r0 https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587 pcre2 CRITICAL 10.39-r0 10.40-r0 https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-37434 zlib CRITICAL 1.2.12-r0 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.13 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 2.0.12

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-agent:2.0.12 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.12 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.12 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:2.0.12 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.0.12 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32207 curl CRITICAL 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221 curl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780 curl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781 curl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916 curl HIGH 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.80.0-r1 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-27405 freetype HIGH 2.11.1-r1 2.11.1-r2 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.11.1-r1 2.11.1-r2 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-32207 libcurl CRITICAL 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221 libcurl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916 libcurl HIGH 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r1 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-29458 ncurses-libs HIGH 6.3_p20211120-r0 6.3_p20211120-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.3_p20211120-r0 6.3_p20211120-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586 pcre2 CRITICAL 10.39-r0 10.40-r0 https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587 pcre2 CRITICAL 10.39-r0 10.40-r0 https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-37434 zlib CRITICAL 1.2.12-r0 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.12 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 2.0.11

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-agent:2.0.11 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.11 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.11 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:2.0.11 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.0.11 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32207 curl CRITICAL 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221 curl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780 curl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781 curl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916 curl HIGH 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.80.0-r1 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-27405 freetype HIGH 2.11.1-r1 2.11.1-r2 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.11.1-r1 2.11.1-r2 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-32207 libcurl CRITICAL 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221 libcurl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916 libcurl HIGH 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r1 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-29458 ncurses-libs HIGH 6.3_p20211120-r0 6.3_p20211120-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.3_p20211120-r0 6.3_p20211120-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586 pcre2 CRITICAL 10.39-r0 10.40-r0 https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587 pcre2 CRITICAL 10.39-r0 10.40-r0 https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-37434 zlib CRITICAL 1.2.12-r0 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.11 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 2.0.10

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-agent:2.0.10 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.10 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.10 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:2.0.10 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.0.10 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32207 curl CRITICAL 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221 curl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780 curl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781 curl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916 curl HIGH 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.80.0-r1 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-27405 freetype HIGH 2.11.1-r1 2.11.1-r2 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.11.1-r1 2.11.1-r2 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-32207 libcurl CRITICAL 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221 libcurl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916 libcurl HIGH 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r1 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-29458 ncurses-libs HIGH 6.3_p20211120-r0 6.3_p20211120-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.3_p20211120-r0 6.3_p20211120-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586 pcre2 CRITICAL 10.39-r0 10.40-r0 https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587 pcre2 CRITICAL 10.39-r0 10.40-r0 https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-37434 zlib CRITICAL 1.2.12-r0 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.10 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 2.0.9

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-agent:2.0.9 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.9 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.9 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:2.0.9 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.0.9 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32207 curl CRITICAL 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221 curl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780 curl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781 curl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916 curl HIGH 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.80.0-r1 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-27405 freetype HIGH 2.11.1-r1 2.11.1-r2 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.11.1-r1 2.11.1-r2 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-32207 libcurl CRITICAL 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221 libcurl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916 libcurl HIGH 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r1 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-29458 ncurses-libs HIGH 6.3_p20211120-r0 6.3_p20211120-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.3_p20211120-r0 6.3_p20211120-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586 pcre2 CRITICAL 10.39-r0 10.40-r0 https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587 pcre2 CRITICAL 10.39-r0 10.40-r0 https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-37434 zlib CRITICAL 1.2.12-r0 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.9 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 2.0.8

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-agent:2.0.8 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.8 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.8 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:2.0.8 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.0.8 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32207 curl CRITICAL 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221 curl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780 curl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781 curl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916 curl HIGH 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.80.0-r1 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-27405 freetype HIGH 2.11.1-r1 2.11.1-r2 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.11.1-r1 2.11.1-r2 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-32207 libcurl CRITICAL 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221 libcurl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916 libcurl HIGH 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r1 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-29458 ncurses-libs HIGH 6.3_p20211120-r0 6.3_p20211120-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.3_p20211120-r0 6.3_p20211120-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586 pcre2 CRITICAL 10.39-r0 10.40-r0 https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587 pcre2 CRITICAL 10.39-r0 10.40-r0 https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-37434 zlib CRITICAL 1.2.12-r0 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.8 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 2.0.7

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-agent:2.0.7 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.7 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.7 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:2.0.7 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.0.7 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32207 curl CRITICAL 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221 curl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780 curl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781 curl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916 curl HIGH 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.80.0-r1 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-27405 freetype HIGH 2.11.1-r1 2.11.1-r2 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.11.1-r1 2.11.1-r2 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-32207 libcurl CRITICAL 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221 libcurl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916 libcurl HIGH 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r1 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-29458 ncurses-libs HIGH 6.3_p20211120-r0 6.3_p20211120-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.3_p20211120-r0 6.3_p20211120-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586 pcre2 CRITICAL 10.39-r0 10.40-r0 https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587 pcre2 CRITICAL 10.39-r0 10.40-r0 https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-37434 zlib CRITICAL 1.2.12-r0 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.7 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 2.0.6

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-agent:2.0.6 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.6 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.6 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:2.0.6 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.0.6 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32207 curl CRITICAL 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221 curl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780 curl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781 curl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916 curl HIGH 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.80.0-r1 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-27405 freetype HIGH 2.11.1-r1 2.11.1-r2 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.11.1-r1 2.11.1-r2 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-32207 libcurl CRITICAL 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221 libcurl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916 libcurl HIGH 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r1 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-29458 ncurses-libs HIGH 6.3_p20211120-r0 6.3_p20211120-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.3_p20211120-r0 6.3_p20211120-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586 pcre2 CRITICAL 10.39-r0 10.40-r0 https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587 pcre2 CRITICAL 10.39-r0 10.40-r0 https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-37434 zlib CRITICAL 1.2.12-r0 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.6 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 2.0.5

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-agent:2.0.5 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.5 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.5 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:2.0.5 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.0.5 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32207 curl CRITICAL 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221 curl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780 curl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781 curl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916 curl HIGH 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.80.0-r1 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-27405 freetype HIGH 2.11.1-r1 2.11.1-r2 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.11.1-r1 2.11.1-r2 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-32207 libcurl CRITICAL 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221 libcurl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916 libcurl HIGH 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r1 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-29458 ncurses-libs HIGH 6.3_p20211120-r0 6.3_p20211120-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.3_p20211120-r0 6.3_p20211120-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586 pcre2 CRITICAL 10.39-r0 10.40-r0 https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587 pcre2 CRITICAL 10.39-r0 10.40-r0 https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-37434 zlib CRITICAL 1.2.12-r0 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.5 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 2.0.4

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-agent:2.0.4 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.4 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.4 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:2.0.4 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.0.4 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32207 curl CRITICAL 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221 curl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780 curl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781 curl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916 curl HIGH 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.80.0-r1 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-27405 freetype HIGH 2.11.1-r1 2.11.1-r2 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.11.1-r1 2.11.1-r2 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-32207 libcurl CRITICAL 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221 libcurl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916 libcurl HIGH 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r1 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-29458 ncurses-libs HIGH 6.3_p20211120-r0 6.3_p20211120-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.3_p20211120-r0 6.3_p20211120-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586 pcre2 CRITICAL 10.39-r0 10.40-r0 https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587 pcre2 CRITICAL 10.39-r0 10.40-r0 https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-37434 zlib CRITICAL 1.2.12-r0 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.4 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 2.0.3

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-agent:2.0.3 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.3 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.3 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:2.0.3 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.0.3 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32207 curl CRITICAL 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221 curl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780 curl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781 curl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916 curl HIGH 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.80.0-r1 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-27405 freetype HIGH 2.11.1-r1 2.11.1-r2 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.11.1-r1 2.11.1-r2 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-32207 libcurl CRITICAL 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221 libcurl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-27780 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.80.0-r1 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916 libcurl HIGH 7.80.0-r1 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r1 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-2309 libxml2 HIGH 2.9.14-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.14-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-29458 ncurses-libs HIGH 6.3_p20211120-r0 6.3_p20211120-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.3_p20211120-r0 6.3_p20211120-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586 pcre2 CRITICAL 10.39-r0 10.40-r0 https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587 pcre2 CRITICAL 10.39-r0 10.40-r0 https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-37434 zlib CRITICAL 1.2.12-r0 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.3 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 2.0.2

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-agent:2.0.2 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.2 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.2 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:2.0.2 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.0.2 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32207 curl CRITICAL 7.80.0-r0 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221 curl CRITICAL 7.80.0-r0 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.80.0-r0 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-22576 curl HIGH 7.80.0-r0 7.80.0-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 curl HIGH 7.80.0-r0 7.80.0-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27780 curl HIGH 7.80.0-r0 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781 curl HIGH 7.80.0-r0 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.80.0-r0 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916 curl HIGH 7.80.0-r0 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.80.0-r0 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-27404 freetype CRITICAL 2.11.1-r0 2.11.1-r1 https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405 freetype HIGH 2.11.1-r0 2.11.1-r2 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.11.1-r0 2.11.1-r2 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-32207 libcurl CRITICAL 7.80.0-r0 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221 libcurl CRITICAL 7.80.0-r0 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r0 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-22576 libcurl HIGH 7.80.0-r0 7.80.0-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 libcurl HIGH 7.80.0-r0 7.80.0-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27780 libcurl HIGH 7.80.0-r0 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781 libcurl HIGH 7.80.0-r0 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.80.0-r0 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916 libcurl HIGH 7.80.0-r0 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r0 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-2309 libxml2 HIGH 2.9.13-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.13-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.13-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-29458 ncurses-libs HIGH 6.3_p20211120-r0 6.3_p20211120-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.3_p20211120-r0 6.3_p20211120-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586 pcre2 CRITICAL 10.39-r0 10.40-r0 https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587 pcre2 CRITICAL 10.39-r0 10.40-r0 https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434 zlib CRITICAL 1.2.12-r0 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.2 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 2.0.1

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-agent:2.0.1 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.1 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.1 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:2.0.1 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.0.1 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32207 curl CRITICAL 7.80.0-r0 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221 curl CRITICAL 7.80.0-r0 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.80.0-r0 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-22576 curl HIGH 7.80.0-r0 7.80.0-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 curl HIGH 7.80.0-r0 7.80.0-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27780 curl HIGH 7.80.0-r0 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781 curl HIGH 7.80.0-r0 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.80.0-r0 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916 curl HIGH 7.80.0-r0 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.80.0-r0 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-27404 freetype CRITICAL 2.11.1-r0 2.11.1-r1 https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405 freetype HIGH 2.11.1-r0 2.11.1-r2 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.11.1-r0 2.11.1-r2 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-32207 libcurl CRITICAL 7.80.0-r0 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221 libcurl CRITICAL 7.80.0-r0 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r0 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-22576 libcurl HIGH 7.80.0-r0 7.80.0-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 libcurl HIGH 7.80.0-r0 7.80.0-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27780 libcurl HIGH 7.80.0-r0 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781 libcurl HIGH 7.80.0-r0 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.80.0-r0 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916 libcurl HIGH 7.80.0-r0 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r0 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-2309 libxml2 HIGH 2.9.13-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.13-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.13-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-29458 ncurses-libs HIGH 6.3_p20211120-r0 6.3_p20211120-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.3_p20211120-r0 6.3_p20211120-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586 pcre2 CRITICAL 10.39-r0 10.40-r0 https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587 pcre2 CRITICAL 10.39-r0 10.40-r0 https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434 zlib CRITICAL 1.2.12-r0 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.1 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 2.0.0

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-agent:2.0.0 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-istiod-agent:2.0.0 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-mgmt-server:2.0.0 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:2.0.0 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:2.0.0 (alpine 3.15.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-32207 curl CRITICAL 7.80.0-r0 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221 curl CRITICAL 7.80.0-r0 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 curl CRITICAL 7.80.0-r0 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-22576 curl HIGH 7.80.0-r0 7.80.0-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 curl HIGH 7.80.0-r0 7.80.0-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27780 curl HIGH 7.80.0-r0 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781 curl HIGH 7.80.0-r0 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.80.0-r0 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916 curl HIGH 7.80.0-r0 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 curl HIGH 7.80.0-r0 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-27404 freetype CRITICAL 2.11.1-r0 2.11.1-r1 https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405 freetype HIGH 2.11.1-r0 2.11.1-r2 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.11.1-r0 2.11.1-r2 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-32207 libcurl CRITICAL 7.80.0-r0 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-32221 libcurl CRITICAL 7.80.0-r0 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-32221
CVE-2022-42915 libcurl CRITICAL 7.80.0-r0 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42915
CVE-2022-22576 libcurl HIGH 7.80.0-r0 7.80.0-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 libcurl HIGH 7.80.0-r0 7.80.0-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27780 libcurl HIGH 7.80.0-r0 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27780
CVE-2022-27781 libcurl HIGH 7.80.0-r0 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.80.0-r0 7.80.0-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-42916 libcurl HIGH 7.80.0-r0 7.80.0-r4 https://avd.aquasec.com/nvd/cve-2022-42916
CVE-2022-43551 libcurl HIGH 7.80.0-r0 7.80.0-r5 https://avd.aquasec.com/nvd/cve-2022-43551
CVE-2022-2309 libxml2 HIGH 2.9.13-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-40303 libxml2 HIGH 2.9.13-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.13-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2022-29458 ncurses-libs HIGH 6.3_p20211120-r0 6.3_p20211120-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.3_p20211120-r0 6.3_p20211120-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-1586 pcre2 CRITICAL 10.39-r0 10.40-r0 https://avd.aquasec.com/nvd/cve-2022-1586
CVE-2022-1587 pcre2 CRITICAL 10.39-r0 10.40-r0 https://avd.aquasec.com/nvd/cve-2022-1587
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434 zlib CRITICAL 1.2.12-r0 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:2.0.0 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778

Latest 1.2.x gloo mesh enterprise Release: 1.2.30

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.30 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.4 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.4 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211130175222-4959f6f44728 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.30 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.4 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.4 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211130175222-4959f6f44728 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.30 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.30 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.30 (alpine 3.13.7)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 busybox HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207 curl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404 freetype CRITICAL 2.10.4-r1 2.10.4-r2 https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207 libcurl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309 libxml2 HIGH 2.9.12-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308 libxml2 HIGH 2.9.12-r0 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458 ncurses-libs HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391 ssl_client HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 ssl_client HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.30 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 1.2.29

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.29 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.4 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.4 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211130175222-4959f6f44728 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.29 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.4 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.4 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211130175222-4959f6f44728 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.29 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.29 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.29 (alpine 3.13.7)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 busybox HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207 curl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404 freetype CRITICAL 2.10.4-r1 2.10.4-r2 https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207 libcurl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309 libxml2 HIGH 2.9.12-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308 libxml2 HIGH 2.9.12-r0 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458 ncurses-libs HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391 ssl_client HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 ssl_client HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.29 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 1.2.28

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.28 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.4 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.4 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211130175222-4959f6f44728 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.28 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.4 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.4 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211130175222-4959f6f44728 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.28 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.28 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.28 (alpine 3.13.7)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 busybox HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207 curl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404 freetype CRITICAL 2.10.4-r1 2.10.4-r2 https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207 libcurl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309 libxml2 HIGH 2.9.12-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308 libxml2 HIGH 2.9.12-r0 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458 ncurses-libs HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391 ssl_client HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 ssl_client HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.28 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 1.2.27

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.27 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.4 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.4 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211130175222-4959f6f44728 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.27 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.4 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.4 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211130175222-4959f6f44728 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.27 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.27 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r1 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.27 (alpine 3.13.7)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 busybox HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207 curl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404 freetype CRITICAL 2.10.4-r1 2.10.4-r2 https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207 libcurl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309 libxml2 HIGH 2.9.12-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308 libxml2 HIGH 2.9.12-r0 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458 ncurses-libs HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391 ssl_client HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 ssl_client HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.27 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 1.2.26

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.26 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r0 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.4 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.4 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211130175222-4959f6f44728 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.26 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r0 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.4 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.4 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211130175222-4959f6f44728 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.26 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r0 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.26 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r0 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.26 (alpine 3.13.7)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 busybox HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207 curl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404 freetype CRITICAL 2.10.4-r1 2.10.4-r2 https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207 libcurl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309 libxml2 HIGH 2.9.12-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308 libxml2 HIGH 2.9.12-r0 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458 ncurses-libs HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391 ssl_client HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 ssl_client HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.26 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 1.2.25

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.25 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r0 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.4 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.4 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211130175222-4959f6f44728 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.25 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r0 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.4 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.4 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211130175222-4959f6f44728 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.25 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r0 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.25 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-37434 zlib CRITICAL 1.2.12-r0 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.25 (alpine 3.13.7)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 busybox HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207 curl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404 freetype CRITICAL 2.10.4-r1 2.10.4-r2 https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207 libcurl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309 libxml2 HIGH 2.9.12-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308 libxml2 HIGH 2.9.12-r0 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458 ncurses-libs HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391 ssl_client HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 ssl_client HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.25 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 1.2.24

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.24 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.4 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.4 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211130175222-4959f6f44728 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.24 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.4 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.4 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211130175222-4959f6f44728 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.24 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.24 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.24 (alpine 3.13.7)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 busybox HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207 curl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404 freetype CRITICAL 2.10.4-r1 2.10.4-r2 https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207 libcurl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309 libxml2 HIGH 2.9.12-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308 libxml2 HIGH 2.9.12-r0 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458 ncurses-libs HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391 ssl_client HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 ssl_client HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.24 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 1.2.23

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.23 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.4 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.4 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211130175222-4959f6f44728 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.23 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.4 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.4 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211130175222-4959f6f44728 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.23 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.23 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.23 (alpine 3.13.7)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 busybox HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207 curl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404 freetype CRITICAL 2.10.4-r1 2.10.4-r2 https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207 libcurl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309 libxml2 HIGH 2.9.12-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308 libxml2 HIGH 2.9.12-r0 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458 ncurses-libs HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391 ssl_client HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 ssl_client HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.23 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 1.2.22

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.22 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.4 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.4 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211130175222-4959f6f44728 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.22 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.4 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.4 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211130175222-4959f6f44728 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.22 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.22 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.22 (alpine 3.13.7)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 busybox HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207 curl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404 freetype CRITICAL 2.10.4-r1 2.10.4-r2 https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207 libcurl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309 libxml2 HIGH 2.9.12-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308 libxml2 HIGH 2.9.12-r0 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458 ncurses-libs HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391 ssl_client HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 ssl_client HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.22 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 1.2.21

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

No scan found

gloo mesh enterprise gloo-mesh-ui image

No scan found

gloo mesh enterprise gloo-mesh-envoy image

No scan found

Release 1.2.20

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.20 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.4 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.4 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211130175222-4959f6f44728 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.20 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.4 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.4 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211130175222-4959f6f44728 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.20 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.20 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.20 (alpine 3.13.7)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 busybox HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207 curl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404 freetype CRITICAL 2.10.4-r1 2.10.4-r2 https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207 libcurl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309 libxml2 HIGH 2.9.12-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308 libxml2 HIGH 2.9.12-r0 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458 ncurses-libs HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391 ssl_client HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 ssl_client HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.20 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 1.2.19

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.19 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.4 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.4 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211130175222-4959f6f44728 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.19 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.4 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.4 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211130175222-4959f6f44728 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.19 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.19 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.19 (alpine 3.13.7)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 busybox HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207 curl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404 freetype CRITICAL 2.10.4-r1 2.10.4-r2 https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207 libcurl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309 libxml2 HIGH 2.9.12-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308 libxml2 HIGH 2.9.12-r0 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458 ncurses-libs HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391 ssl_client HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 ssl_client HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.19 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 1.2.18

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.18 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.4 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.4 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211130175222-4959f6f44728 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.18 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.4 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.4 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211130175222-4959f6f44728 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.18 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.18 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.18 (alpine 3.13.7)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 busybox HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207 curl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404 freetype CRITICAL 2.10.4-r1 2.10.4-r2 https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207 libcurl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309 libxml2 HIGH 2.9.12-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308 libxml2 HIGH 2.9.12-r0 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458 ncurses-libs HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391 ssl_client HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 ssl_client HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.18 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 1.2.17

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.17 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.4 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.4 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211130175222-4959f6f44728 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.17 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.4 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.4 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211130175222-4959f6f44728 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.17 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.17 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.17 (alpine 3.13.7)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 busybox HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207 curl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404 freetype CRITICAL 2.10.4-r1 2.10.4-r2 https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207 libcurl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309 libxml2 HIGH 2.9.12-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308 libxml2 HIGH 2.9.12-r0 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458 ncurses-libs HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391 ssl_client HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 ssl_client HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.17 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 1.2.16

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.16 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.4 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.4 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211130175222-4959f6f44728 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.16 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.4 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.4 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211130175222-4959f6f44728 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.16 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.16 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.16 (alpine 3.13.7)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 busybox HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207 curl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404 freetype CRITICAL 2.10.4-r1 2.10.4-r2 https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207 libcurl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309 libxml2 HIGH 2.9.12-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308 libxml2 HIGH 2.9.12-r0 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458 ncurses-libs HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391 ssl_client HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 ssl_client HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.16 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 1.2.15

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.15 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.4 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.4 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211130175222-4959f6f44728 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.15 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.4 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.4 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211130175222-4959f6f44728 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.15 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.15 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.15 (alpine 3.13.7)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 busybox HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207 curl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404 freetype CRITICAL 2.10.4-r1 2.10.4-r2 https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207 libcurl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309 libxml2 HIGH 2.9.12-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308 libxml2 HIGH 2.9.12-r0 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458 ncurses-libs HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391 ssl_client HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 ssl_client HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.15 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 1.2.14

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.14 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.4 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.4 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211130175222-4959f6f44728 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.14 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.4 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.4 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211130175222-4959f6f44728 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211130175222-4959f6f44728 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.14 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.14 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-32149 golang.org/x/text HIGH v0.3.7 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.14 (alpine 3.13.7)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 busybox HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207 curl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404 freetype CRITICAL 2.10.4-r1 2.10.4-r2 https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207 libcurl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309 libxml2 HIGH 2.9.12-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308 libxml2 HIGH 2.9.12-r0 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458 ncurses-libs HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391 ssl_client HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 ssl_client HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.14 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 1.2.13

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.13 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.3 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996 github.com/emicklei/go-restful CRITICAL v2.11.1+incompatible 2.16.0 https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921 github.com/opencontainers/runc HIGH v1.0.0-rc9 1.0.0-rc9.0.20200122160610-2fc03cc11c77 https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162 github.com/opencontainers/runc HIGH v1.0.0-rc9 v1.1.2 https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211019135535-77e71d7074d8 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.13 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.3 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996 github.com/emicklei/go-restful CRITICAL v2.11.1+incompatible 2.16.0 https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921 github.com/opencontainers/runc HIGH v1.0.0-rc9 1.0.0-rc9.0.20200122160610-2fc03cc11c77 https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162 github.com/opencontainers/runc HIGH v1.0.0-rc9 v1.1.2 https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211019135535-77e71d7074d8 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.13 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.13 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.13 (alpine 3.13.7)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 busybox HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207 curl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404 freetype CRITICAL 2.10.4-r1 2.10.4-r2 https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207 libcurl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309 libxml2 HIGH 2.9.12-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308 libxml2 HIGH 2.9.12-r0 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458 ncurses-libs HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391 ssl_client HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 ssl_client HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.13 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 1.2.12

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.12 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.3 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996 github.com/emicklei/go-restful CRITICAL v2.11.1+incompatible 2.16.0 https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921 github.com/opencontainers/runc HIGH v1.0.0-rc9 1.0.0-rc9.0.20200122160610-2fc03cc11c77 https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162 github.com/opencontainers/runc HIGH v1.0.0-rc9 v1.1.2 https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211019135535-77e71d7074d8 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.12 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.3 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996 github.com/emicklei/go-restful CRITICAL v2.11.1+incompatible 2.16.0 https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921 github.com/opencontainers/runc HIGH v1.0.0-rc9 1.0.0-rc9.0.20200122160610-2fc03cc11c77 https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162 github.com/opencontainers/runc HIGH v1.0.0-rc9 v1.1.2 https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211019135535-77e71d7074d8 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.12 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.12 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.12 (alpine 3.13.7)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 busybox HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207 curl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404 freetype CRITICAL 2.10.4-r1 2.10.4-r2 https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207 libcurl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309 libxml2 HIGH 2.9.12-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308 libxml2 HIGH 2.9.12-r0 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458 ncurses-libs HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391 ssl_client HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 ssl_client HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.12 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 1.2.11

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.11 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.3 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996 github.com/emicklei/go-restful CRITICAL v2.11.1+incompatible 2.16.0 https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921 github.com/opencontainers/runc HIGH v1.0.0-rc9 1.0.0-rc9.0.20200122160610-2fc03cc11c77 https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162 github.com/opencontainers/runc HIGH v1.0.0-rc9 v1.1.2 https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211019135535-77e71d7074d8 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.11 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.3 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996 github.com/emicklei/go-restful CRITICAL v2.11.1+incompatible 2.16.0 https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921 github.com/opencontainers/runc HIGH v1.0.0-rc9 1.0.0-rc9.0.20200122160610-2fc03cc11c77 https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162 github.com/opencontainers/runc HIGH v1.0.0-rc9 v1.1.2 https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211019135535-77e71d7074d8 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.11 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.11 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.11 (alpine 3.13.7)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 busybox HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207 curl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404 freetype CRITICAL 2.10.4-r1 2.10.4-r2 https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207 libcurl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309 libxml2 HIGH 2.9.12-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308 libxml2 HIGH 2.9.12-r0 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458 ncurses-libs HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391 ssl_client HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 ssl_client HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.11 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 1.2.10

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.10 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.3 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996 github.com/emicklei/go-restful CRITICAL v2.11.1+incompatible 2.16.0 https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921 github.com/opencontainers/runc HIGH v1.0.0-rc9 1.0.0-rc9.0.20200122160610-2fc03cc11c77 https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162 github.com/opencontainers/runc HIGH v1.0.0-rc9 v1.1.2 https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211019135535-77e71d7074d8 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.10 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.3 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996 github.com/emicklei/go-restful CRITICAL v2.11.1+incompatible 2.16.0 https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921 github.com/opencontainers/runc HIGH v1.0.0-rc9 1.0.0-rc9.0.20200122160610-2fc03cc11c77 https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162 github.com/opencontainers/runc HIGH v1.0.0-rc9 v1.1.2 https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211019135535-77e71d7074d8 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.10 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.10 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.10 (alpine 3.13.7)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 busybox HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207 curl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404 freetype CRITICAL 2.10.4-r1 2.10.4-r2 https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207 libcurl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309 libxml2 HIGH 2.9.12-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308 libxml2 HIGH 2.9.12-r0 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458 ncurses-libs HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391 ssl_client HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 ssl_client HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.10 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 1.2.9

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.9 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.3 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996 github.com/emicklei/go-restful CRITICAL v2.11.1+incompatible 2.16.0 https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921 github.com/opencontainers/runc HIGH v1.0.0-rc9 1.0.0-rc9.0.20200122160610-2fc03cc11c77 https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162 github.com/opencontainers/runc HIGH v1.0.0-rc9 v1.1.2 https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211019135535-77e71d7074d8 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.9 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.3 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996 github.com/emicklei/go-restful CRITICAL v2.11.1+incompatible 2.16.0 https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921 github.com/opencontainers/runc HIGH v1.0.0-rc9 1.0.0-rc9.0.20200122160610-2fc03cc11c77 https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162 github.com/opencontainers/runc HIGH v1.0.0-rc9 v1.1.2 https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211019135535-77e71d7074d8 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.9 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.9 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.9 (alpine 3.13.7)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 busybox HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207 curl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404 freetype CRITICAL 2.10.4-r1 2.10.4-r2 https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207 libcurl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309 libxml2 HIGH 2.9.12-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308 libxml2 HIGH 2.9.12-r0 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458 ncurses-libs HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391 ssl_client HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 ssl_client HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.9 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 1.2.8

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.8 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.3 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996 github.com/emicklei/go-restful CRITICAL v2.11.1+incompatible 2.16.0 https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921 github.com/opencontainers/runc HIGH v1.0.0-rc9 1.0.0-rc9.0.20200122160610-2fc03cc11c77 https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162 github.com/opencontainers/runc HIGH v1.0.0-rc9 v1.1.2 https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211019135535-77e71d7074d8 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.8 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.3 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996 github.com/emicklei/go-restful CRITICAL v2.11.1+incompatible 2.16.0 https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921 github.com/opencontainers/runc HIGH v1.0.0-rc9 1.0.0-rc9.0.20200122160610-2fc03cc11c77 https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162 github.com/opencontainers/runc HIGH v1.0.0-rc9 v1.1.2 https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211019135535-77e71d7074d8 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.8 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.8 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.8 (alpine 3.13.7)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 busybox HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207 curl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404 freetype CRITICAL 2.10.4-r1 2.10.4-r2 https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207 libcurl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309 libxml2 HIGH 2.9.12-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308 libxml2 HIGH 2.9.12-r0 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458 ncurses-libs HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391 ssl_client HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 ssl_client HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.8 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 1.2.7

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.7 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.3 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996 github.com/emicklei/go-restful CRITICAL v2.11.1+incompatible 2.16.0 https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921 github.com/opencontainers/runc HIGH v1.0.0-rc9 1.0.0-rc9.0.20200122160610-2fc03cc11c77 https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162 github.com/opencontainers/runc HIGH v1.0.0-rc9 v1.1.2 https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211019135535-77e71d7074d8 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.7 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.3 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996 github.com/emicklei/go-restful CRITICAL v2.11.1+incompatible 2.16.0 https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921 github.com/opencontainers/runc HIGH v1.0.0-rc9 1.0.0-rc9.0.20200122160610-2fc03cc11c77 https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162 github.com/opencontainers/runc HIGH v1.0.0-rc9 v1.1.2 https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211019135535-77e71d7074d8 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.7 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.7 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.7 (alpine 3.13.7)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 busybox HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207 curl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404 freetype CRITICAL 2.10.4-r1 2.10.4-r2 https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207 libcurl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309 libxml2 HIGH 2.9.12-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308 libxml2 HIGH 2.9.12-r0 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458 ncurses-libs HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391 ssl_client HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 ssl_client HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.7 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 1.2.6

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.6 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.3 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996 github.com/emicklei/go-restful CRITICAL v2.11.1+incompatible 2.16.0 https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921 github.com/opencontainers/runc HIGH v1.0.0-rc9 1.0.0-rc9.0.20200122160610-2fc03cc11c77 https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162 github.com/opencontainers/runc HIGH v1.0.0-rc9 v1.1.2 https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211019135535-77e71d7074d8 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.6 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.3 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996 github.com/emicklei/go-restful CRITICAL v2.11.1+incompatible 2.16.0 https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921 github.com/opencontainers/runc HIGH v1.0.0-rc9 1.0.0-rc9.0.20200122160610-2fc03cc11c77 https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162 github.com/opencontainers/runc HIGH v1.0.0-rc9 v1.1.2 https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211019135535-77e71d7074d8 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.6 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.6 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.6 (alpine 3.13.7)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 busybox HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207 curl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404 freetype CRITICAL 2.10.4-r1 2.10.4-r2 https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207 libcurl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309 libxml2 HIGH 2.9.12-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308 libxml2 HIGH 2.9.12-r0 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458 ncurses-libs HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391 ssl_client HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 ssl_client HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.6 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 1.2.5

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.5 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.3 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996 github.com/emicklei/go-restful CRITICAL v2.11.1+incompatible 2.16.0 https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921 github.com/opencontainers/runc HIGH v1.0.0-rc9 1.0.0-rc9.0.20200122160610-2fc03cc11c77 https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162 github.com/opencontainers/runc HIGH v1.0.0-rc9 v1.1.2 https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211019135535-77e71d7074d8 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.5 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.3 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996 github.com/emicklei/go-restful CRITICAL v2.11.1+incompatible 2.16.0 https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921 github.com/opencontainers/runc HIGH v1.0.0-rc9 1.0.0-rc9.0.20200122160610-2fc03cc11c77 https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162 github.com/opencontainers/runc HIGH v1.0.0-rc9 v1.1.2 https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211019135535-77e71d7074d8 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.5 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.5 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.5 (alpine 3.13.7)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 busybox HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207 curl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404 freetype CRITICAL 2.10.4-r1 2.10.4-r2 https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207 libcurl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309 libxml2 HIGH 2.9.12-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308 libxml2 HIGH 2.9.12-r0 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458 ncurses-libs HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391 ssl_client HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 ssl_client HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.5 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 1.2.4

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.4 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.3 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996 github.com/emicklei/go-restful CRITICAL v2.11.1+incompatible 2.16.0 https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921 github.com/opencontainers/runc HIGH v1.0.0-rc9 1.0.0-rc9.0.20200122160610-2fc03cc11c77 https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162 github.com/opencontainers/runc HIGH v1.0.0-rc9 v1.1.2 https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211019135535-77e71d7074d8 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.4 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.3 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996 github.com/emicklei/go-restful CRITICAL v2.11.1+incompatible 2.16.0 https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921 github.com/opencontainers/runc HIGH v1.0.0-rc9 1.0.0-rc9.0.20200122160610-2fc03cc11c77 https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162 github.com/opencontainers/runc HIGH v1.0.0-rc9 v1.1.2 https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211019135535-77e71d7074d8 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.4 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.4 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client HIGH 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.4 (alpine 3.13.7)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 busybox HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-32207 curl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 curl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404 freetype CRITICAL 2.10.4-r1 2.10.4-r2 https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-32207 libcurl CRITICAL 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2022-22576 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 libcurl HIGH 7.79.1-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.79.1-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309 libxml2 HIGH 2.9.12-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308 libxml2 HIGH 2.9.12-r0 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458 ncurses-libs HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-28391 ssl_client HIGH 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 ssl_client HIGH 1.32.1-r7 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.4 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 1.2.3

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.3 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391 busybox HIGH 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391 ssl_client HIGH 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.3 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996 github.com/emicklei/go-restful CRITICAL v2.11.1+incompatible 2.16.0 https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921 github.com/opencontainers/runc HIGH v1.0.0-rc9 1.0.0-rc9.0.20200122160610-2fc03cc11c77 https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162 github.com/opencontainers/runc HIGH v1.0.0-rc9 v1.1.2 https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211019135535-77e71d7074d8 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.3 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391 busybox HIGH 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391 ssl_client HIGH 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.3 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996 github.com/emicklei/go-restful CRITICAL v2.11.1+incompatible 2.16.0 https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921 github.com/opencontainers/runc HIGH v1.0.0-rc9 1.0.0-rc9.0.20200122160610-2fc03cc11c77 https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162 github.com/opencontainers/runc HIGH v1.0.0-rc9 v1.1.2 https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211019135535-77e71d7074d8 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.3 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391 busybox HIGH 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391 ssl_client HIGH 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.3 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391 busybox HIGH 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391 ssl_client HIGH 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.3 (alpine 3.13.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391 busybox HIGH 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 busybox HIGH 1.32.1-r6 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2021-22945 curl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2022-32207 curl CRITICAL 7.78.0-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2021-22946 curl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2022-22576 curl HIGH 7.78.0-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 curl HIGH 7.78.0-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 curl HIGH 7.78.0-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.78.0-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404 freetype CRITICAL 2.10.4-r1 2.10.4-r2 https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-22945 libcurl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2022-32207 libcurl CRITICAL 7.78.0-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2021-22946 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2022-22576 libcurl HIGH 7.78.0-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 libcurl HIGH 7.78.0-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 libcurl HIGH 7.78.0-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.78.0-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309 libxml2 HIGH 2.9.12-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308 libxml2 HIGH 2.9.12-r0 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458 ncurses-libs HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391 ssl_client HIGH 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 ssl_client HIGH 1.32.1-r6 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.3 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 1.2.2

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.2 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391 busybox HIGH 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391 ssl_client HIGH 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.3 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996 github.com/emicklei/go-restful CRITICAL v2.11.1+incompatible 2.16.0 https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921 github.com/opencontainers/runc HIGH v1.0.0-rc9 1.0.0-rc9.0.20200122160610-2fc03cc11c77 https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162 github.com/opencontainers/runc HIGH v1.0.0-rc9 v1.1.2 https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211019135535-77e71d7074d8 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.2 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391 busybox HIGH 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391 ssl_client HIGH 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.3 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996 github.com/emicklei/go-restful CRITICAL v2.11.1+incompatible 2.16.0 https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921 github.com/opencontainers/runc HIGH v1.0.0-rc9 1.0.0-rc9.0.20200122160610-2fc03cc11c77 https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162 github.com/opencontainers/runc HIGH v1.0.0-rc9 v1.1.2 https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20211019135535-77e71d7074d8 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.2 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391 busybox HIGH 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391 ssl_client HIGH 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.2 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391 busybox HIGH 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391 ssl_client HIGH 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.2 (alpine 3.13.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391 busybox HIGH 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 busybox HIGH 1.32.1-r6 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2021-22945 curl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2022-32207 curl CRITICAL 7.78.0-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2021-22946 curl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2022-22576 curl HIGH 7.78.0-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 curl HIGH 7.78.0-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 curl HIGH 7.78.0-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.78.0-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404 freetype CRITICAL 2.10.4-r1 2.10.4-r2 https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-22945 libcurl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2022-32207 libcurl CRITICAL 7.78.0-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2021-22946 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2022-22576 libcurl HIGH 7.78.0-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 libcurl HIGH 7.78.0-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 libcurl HIGH 7.78.0-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.78.0-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309 libxml2 HIGH 2.9.12-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308 libxml2 HIGH 2.9.12-r0 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458 ncurses-libs HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391 ssl_client HIGH 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 ssl_client HIGH 1.32.1-r6 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.2 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 1.2.1

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.1 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391 busybox HIGH 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391 ssl_client HIGH 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.3 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996 github.com/emicklei/go-restful CRITICAL v2.11.1+incompatible 2.16.0 https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921 github.com/opencontainers/runc HIGH v1.0.0-rc9 1.0.0-rc9.0.20200122160610-2fc03cc11c77 https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162 github.com/opencontainers/runc HIGH v1.0.0-rc9 v1.1.2 https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20210423173126-13fb8ac89420 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.1 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391 busybox HIGH 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391 ssl_client HIGH 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.3 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996 github.com/emicklei/go-restful CRITICAL v2.11.1+incompatible 2.16.0 https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921 github.com/opencontainers/runc HIGH v1.0.0-rc9 1.0.0-rc9.0.20200122160610-2fc03cc11c77 https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162 github.com/opencontainers/runc HIGH v1.0.0-rc9 v1.1.2 https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20210423173126-13fb8ac89420 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.1 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391 busybox HIGH 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391 ssl_client HIGH 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise gloo-mesh-mgmt-server image

No scan found

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.1 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391 busybox HIGH 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391 ssl_client HIGH 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.1 (alpine 3.13.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391 busybox HIGH 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 busybox HIGH 1.32.1-r6 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2021-22945 curl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2022-32207 curl CRITICAL 7.78.0-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2021-22946 curl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2022-22576 curl HIGH 7.78.0-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 curl HIGH 7.78.0-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 curl HIGH 7.78.0-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 curl HIGH 7.78.0-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-27404 freetype CRITICAL 2.10.4-r1 2.10.4-r2 https://avd.aquasec.com/nvd/cve-2022-27404
CVE-2022-27405 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27405
CVE-2022-27406 freetype HIGH 2.10.4-r1 2.10.4-r3 https://avd.aquasec.com/nvd/cve-2022-27406
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-22945 libcurl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2022-32207 libcurl CRITICAL 7.78.0-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-32207
CVE-2021-22946 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2022-22576 libcurl HIGH 7.78.0-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-22576
CVE-2022-27775 libcurl HIGH 7.78.0-r0 7.79.1-r1 https://avd.aquasec.com/nvd/cve-2022-27775
CVE-2022-27781 libcurl HIGH 7.78.0-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27781
CVE-2022-27782 libcurl HIGH 7.78.0-r0 7.79.1-r2 https://avd.aquasec.com/nvd/cve-2022-27782
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-2309 libxml2 HIGH 2.9.12-r0 2.9.14-r1 https://avd.aquasec.com/nvd/cve-2022-2309
CVE-2022-23308 libxml2 HIGH 2.9.12-r0 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2022-40303 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40303
CVE-2022-40304 libxml2 HIGH 2.9.12-r0 2.9.14-r2 https://avd.aquasec.com/nvd/cve-2022-40304
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-29458 ncurses-libs HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2022-29458 ncurses-terminfo-base HIGH 6.2_p20210109-r0 6.2_p20210109-r1 https://avd.aquasec.com/nvd/cve-2022-29458
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391 ssl_client HIGH 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-30065 ssl_client HIGH 1.32.1-r6 1.32.1-r9 https://avd.aquasec.com/nvd/cve-2022-30065
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.2.1 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
Release 1.2.0

gloo mesh enterprise gloo-mesh-agent image

No scan found

gloo mesh enterprise gloo-mesh-istiod-agent image

No scan found

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.0 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391 busybox HIGH 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391 ssl_client HIGH 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-37434 zlib CRITICAL 1.2.11-r3 1.2.12-r2 https://avd.aquasec.com/nvd/cve-2022-37434
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2022-23648 github.com/containerd/containerd HIGH v1.4.3 1.4.13, 1.5.10, 1.6.1 https://avd.aquasec.com/nvd/cve-2022-23648
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2022-1996 github.com/emicklei/go-restful CRITICAL v2.11.1+incompatible 2.16.0 https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2014-9356 github.com/moby/moby HIGH v0.7.3-0.20190826074503-38ab9da00309 v1.3.3 https://avd.aquasec.com/nvd/cve-2014-9356
CVE-2019-19921 github.com/opencontainers/runc HIGH v1.0.0-rc9 1.0.0-rc9.0.20200122160610-2fc03cc11c77 https://avd.aquasec.com/nvd/cve-2019-19921
CVE-2022-29162 github.com/opencontainers/runc HIGH v1.0.0-rc9 v1.1.2 https://avd.aquasec.com/nvd/cve-2022-29162
CVE-2021-38561 golang.org/x/text HIGH v0.3.6 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561
CVE-2022-32149 golang.org/x/text HIGH v0.3.6 0.3.8 https://avd.aquasec.com/nvd/cve-2022-32149
CVE-2022-31045 istio.io/istio CRITICAL v0.0.0-20210423173126-13fb8ac89420 1.12.18, 1.13.5, 1.14.1 https://avd.aquasec.com/nvd/cve-2022-31045
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 1.9.8, 1.10.4, 1.11.1 https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2019-11253 k8s.io/kubernetes HIGH v1.13.0 1.13.12, 1.14.8, 1.15.5, 1.16.2 https://avd.aquasec.com/nvd/cve-2019-11253
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.13.0 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.0 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-28391 busybox HIGH 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl