Gloo container images are scanned using Trivy for HIGH and CRITICAL vulnerabilities. To learn more about how Solo.io detects, tracks, and remediates CVEs, see CVE lifecycle handling.

Security and CVE scan

Latest 2.9.x gloo mesh enterprise Release: 2.9.1

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.9.1 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.9.1 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.9.1 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.9.1 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.9.1 (alpine 3.21.3)

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.9.1 (ubuntu 24.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.9.1 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-analyzer image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.9.1 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.9.1 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874
Release 2.9.0

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.9.0 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.9.0 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.9.0 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.9.0 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.9.0 (alpine 3.21.3)

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.9.0 (ubuntu 24.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.9.0 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-analyzer image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.9.0 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.9.0 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

Latest 2.8.x gloo mesh enterprise Release: 2.8.2

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.8.2 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.8.2 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.8.2 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.8.2 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.8.2 (alpine 3.21.3)

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.8.2 (ubuntu 24.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.8.2 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-analyzer image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.8.2 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.8.2 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874
Release 2.8.1

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.8.1 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.8.1 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.8.1 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.8.1 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.8.1 (alpine 3.21.3)

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.8.1 (ubuntu 24.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.8.1 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-analyzer image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.8.1 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.8.1 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874
Release 2.8.0

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.8.0 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2019-14993istio.io/istioHIGHv0.0.0-20250411142419-0d83506c28831.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20250411142419-0d83506c28831.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20250411142419-0d83506c28831.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20250411142419-0d83506c28831.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.8.0 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2019-14993istio.io/istioHIGHv0.0.0-20250411142419-0d83506c28831.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20250411142419-0d83506c28831.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20250411142419-0d83506c28831.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20250411142419-0d83506c28831.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.8.0 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2019-14993istio.io/istioHIGHv0.0.0-20250411142419-0d83506c28831.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20250411142419-0d83506c28831.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20250411142419-0d83506c28831.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20250411142419-0d83506c28831.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.8.0 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2019-14993istio.io/istioHIGHv0.0.0-20250411142419-0d83506c28831.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20250411142419-0d83506c28831.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20250411142419-0d83506c28831.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20250411142419-0d83506c28831.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.8.0 (alpine 3.21.3)

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.8.0 (ubuntu 24.04)

No Vulnerabilities Found for usr/local/bin/pilot-agent

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.8.0 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2019-14993istio.io/istioHIGHv0.0.0-20250411142419-0d83506c28831.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20250411142419-0d83506c28831.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20250411142419-0d83506c28831.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20250411142419-0d83506c28831.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-analyzer image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.8.0 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2019-14993istio.io/istioHIGHv0.0.0-20250411142419-0d83506c28831.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20250411142419-0d83506c28831.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20250411142419-0d83506c28831.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20250411142419-0d83506c28831.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.8.0 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2019-14993istio.io/istioHIGHv0.0.0-20250411142419-0d83506c28831.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20250411142419-0d83506c28831.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20250411142419-0d83506c28831.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20250411142419-0d83506c28831.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

Latest 2.7.x gloo mesh enterprise Release: 2.7.4

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.7.4 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.7.4 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.7.4 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.7.4 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.7.4 (alpine 3.21.3)

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.7.4 (ubuntu 24.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.7.4 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-analyzer image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.7.4 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.7.4 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874
Release 2.7.3

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.7.3 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.7.3 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.7.3 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.7.3 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.7.3 (alpine 3.21.3)

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.7.3 (ubuntu 24.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.7.3 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-analyzer image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.7.3 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.7.3 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874
Release 2.7.2

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.7.2 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2019-14993istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.7.2 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2019-14993istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.7.2 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2019-14993istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.7.2 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2019-14993istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.7.2 (alpine 3.21.3)

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.7.2 (ubuntu 24.04)

No Vulnerabilities Found for usr/local/bin/pilot-agent

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.7.2 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2019-14993istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-analyzer image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.7.2 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2019-14993istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.7.2 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2019-14993istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
Release 2.7.1

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.7.1 (alpine 3.18.12)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2019-14993istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.7.1 (alpine 3.18.12)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2019-14993istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.7.1 (alpine 3.18.12)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2019-14993istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.7.1 (alpine 3.18.12)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2019-14993istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.7.1 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-6119libcrypto3HIGH3.1.4-r53.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119
CVE-2024-6119libssl3HIGH3.1.4-r53.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.7.1 (ubuntu 24.04)

No Vulnerabilities Found for usr/local/bin/pilot-agent

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.7.1 (alpine 3.18.12)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2019-14993istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-analyzer image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.7.1 (alpine 3.18.12)

Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2019-14993istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.7.1 (alpine 3.18.12)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2019-14993istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
Release 2.7.0

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.7.0 (alpine 3.18.12)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2025-22869golang.org/x/cryptoHIGHv0.32.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.7.0 (alpine 3.18.12)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2025-22869golang.org/x/cryptoHIGHv0.32.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.7.0 (alpine 3.18.12)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2025-22869golang.org/x/cryptoHIGHv0.32.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.7.0 (alpine 3.18.12)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2025-22869golang.org/x/cryptoHIGHv0.32.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.7.0 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-6119libcrypto3HIGH3.1.4-r53.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119
CVE-2024-6119libssl3HIGH3.1.4-r53.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.7.0 (ubuntu 24.04)

Vulnerabilities Listed for usr/local/bin/pilot-agent

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-45337golang.org/x/cryptoCRITICALv0.27.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.27.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.7.0 (alpine 3.18.12)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2025-22869golang.org/x/cryptoHIGHv0.32.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-analyzer image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.7.0 (alpine 3.18.12)

Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2025-22869golang.org/x/cryptoHIGHv0.32.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.7.0 (alpine 3.18.12)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2025-30204github.com/golang-jwt/jwt/v5HIGHv5.2.15.2.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2025-22869golang.org/x/cryptoHIGHv0.32.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20250212095443-6bd0075edb311.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

Latest 2.6.x gloo mesh enterprise Release: 2.6.12

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.6.12 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.6.12 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.6.12 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.12 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.6.12 (alpine 3.21.3)

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.12 (ubuntu 24.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.6.12 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-analyzer image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.6.12 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.6.12 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874
Release 2.6.11

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.6.11 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.6.11 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.6.11 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.11 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-ui image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.6.11 (alpine 3.21.3)

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.11 (ubuntu 24.04)

No Vulnerabilities Found for usr/local/bin/pilot-agent

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.6.11 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-analyzer image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.6.11 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.6.11 (alpine 3.21.3)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-22874stdlibHIGH1.24.21.24.4https://avd.aquasec.com/nvd/cve-2025-22874
Release 2.6.10

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.6.10 (alpine 3.18.12)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.6.10 (alpine 3.18.12)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.6.10 (alpine 3.18.12)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.10 (alpine 3.18.12)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.6.10 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-6119libcrypto3HIGH3.1.4-r53.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119
CVE-2024-6119libssl3HIGH3.1.4-r53.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.10 (ubuntu 24.04)

No Vulnerabilities Found for usr/local/bin/pilot-agent

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.6.10 (alpine 3.18.12)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-analyzer image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.6.10 (alpine 3.18.12)

Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.6.10 (alpine 3.18.12)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
Release 2.6.9

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.6.9 (alpine 3.18.11)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2025-22869golang.org/x/cryptoHIGHv0.31.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.6.9 (alpine 3.18.11)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2025-22869golang.org/x/cryptoHIGHv0.31.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.6.9 (alpine 3.18.11)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2025-22869golang.org/x/cryptoHIGHv0.31.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.9 (alpine 3.18.11)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2025-22869golang.org/x/cryptoHIGHv0.31.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.6.9 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-6119libcrypto3HIGH3.1.4-r53.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119
CVE-2024-6119libssl3HIGH3.1.4-r53.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.9 (ubuntu 24.04)

Vulnerabilities Listed for usr/local/bin/pilot-agent

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-45337golang.org/x/cryptoCRITICALv0.27.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.27.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.6.9 (alpine 3.18.11)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2025-22869golang.org/x/cryptoHIGHv0.31.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-analyzer image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.6.9 (alpine 3.18.11)

Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2025-22869golang.org/x/cryptoHIGHv0.31.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.6.9 (alpine 3.18.11)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2025-30204github.com/golang-jwt/jwt/v5HIGHv5.2.15.2.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2025-22869golang.org/x/cryptoHIGHv0.31.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
Release 2.6.8

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.6.8 (alpine 3.18.11)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2025-22869golang.org/x/cryptoHIGHv0.31.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.6.8 (alpine 3.18.11)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2025-22869golang.org/x/cryptoHIGHv0.31.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.6.8 (alpine 3.18.11)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2025-22869golang.org/x/cryptoHIGHv0.31.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.8 (alpine 3.18.11)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2025-22869golang.org/x/cryptoHIGHv0.31.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.6.8 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-6119libcrypto3HIGH3.1.4-r53.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119
CVE-2024-6119libssl3HIGH3.1.4-r53.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.8 (ubuntu 24.04)

Vulnerabilities Listed for usr/local/bin/pilot-agent

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-45337golang.org/x/cryptoCRITICALv0.27.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.27.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.6.8 (alpine 3.18.11)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2025-22869golang.org/x/cryptoHIGHv0.31.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-analyzer image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.6.8 (alpine 3.18.11)

Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2025-22869golang.org/x/cryptoHIGHv0.31.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.6.8 (alpine 3.18.11)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2025-30204github.com/golang-jwt/jwt/v5HIGHv5.2.15.2.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2025-22869golang.org/x/cryptoHIGHv0.31.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
Release 2.6.7

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.6.7 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2025-22869golang.org/x/cryptoHIGHv0.31.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.6.7 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv27.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2025-22869golang.org/x/cryptoHIGHv0.31.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.6.7 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv27.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2025-22869golang.org/x/cryptoHIGHv0.31.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.7 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2025-22869golang.org/x/cryptoHIGHv0.31.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.6.7 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-6119libcrypto3HIGH3.1.4-r53.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119
CVE-2024-6119libssl3HIGH3.1.4-r53.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.7 (ubuntu 24.04)

Vulnerabilities Listed for usr/local/bin/pilot-agent

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-45337golang.org/x/cryptoCRITICALv0.27.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.27.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.6.7 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2025-22869golang.org/x/cryptoHIGHv0.31.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-analyzer image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.6.7 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv27.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2025-22869golang.org/x/cryptoHIGHv0.31.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.6.7 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv27.0.3+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2025-30204github.com/golang-jwt/jwt/v5HIGHv5.2.15.2.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2025-22869golang.org/x/cryptoHIGHv0.31.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
Release 2.6.6

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.6.6 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.6.6 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.6.6 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.6 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.6.6 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-6119libcrypto3HIGH3.1.4-r53.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119
CVE-2024-6119libssl3HIGH3.1.4-r53.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.6 (ubuntu 24.04)

Vulnerabilities Listed for usr/local/bin/pilot-agent

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-45337golang.org/x/cryptoCRITICALv0.24.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.24.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.6.6 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-analyzer image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.6.6 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.6.6 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2025-30204github.com/golang-jwt/jwt/v5HIGHv5.2.15.2.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
Release 2.6.5

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.6.5 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.6.5 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.6.5 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.5 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.6.5 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-6119libcrypto3HIGH3.1.4-r53.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119
CVE-2024-6119libssl3HIGH3.1.4-r53.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.5 (ubuntu 24.04)

Vulnerabilities Listed for usr/local/bin/pilot-agent

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv26.1.4+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-45337golang.org/x/cryptoCRITICALv0.24.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.24.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.6.5 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.6.5 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.6.5 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2025-30204github.com/golang-jwt/jwt/v5HIGHv5.2.05.2.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156
Release 2.6.4

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.6.4 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.6.4 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.6.4 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.4 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.6.4 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-6119libcrypto3HIGH3.1.4-r53.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119
CVE-2024-6119libssl3HIGH3.1.4-r53.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.4 (ubuntu 24.04)

Vulnerabilities Listed for usr/local/bin/pilot-agent

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv26.1.4+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2024-45337golang.org/x/cryptoCRITICALv0.24.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.24.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.6.4 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.6.4 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.6.4 (alpine 3.18.9)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2025-30204github.com/golang-jwt/jwt/v5HIGHv5.2.05.2.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156
Release 2.6.3

gloo mesh enterprise gloo-mesh-portal-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.6.3 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-mgmt-server image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.6.3 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.6.3 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.3 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.6.3 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-6119libcrypto3HIGH3.1.4-r53.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119
CVE-2024-6119libssl3HIGH3.1.4-r53.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.3 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.6.3 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.6.3 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.6.3 (alpine 3.18.8)

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2025-30204github.com/golang-jwt/jwt/v5HIGHv5.2.05.2.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156
Release 2.6.2

gloo mesh enterprise gloo-mesh-portal-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.6.2 (alpine 3.18.8)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-6119libcrypto3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119
CVE-2024-6119libssl3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.6.2 (alpine 3.18.8)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-6119libcrypto3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119
CVE-2024-6119libssl3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.6.2 (alpine 3.18.8)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-6119libcrypto3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119
CVE-2024-6119libssl3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.2 (alpine 3.18.8)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-6119libcrypto3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119
CVE-2024-6119libssl3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.6.2 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-6119libcrypto3HIGH3.1.4-r53.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119
CVE-2024-6119libssl3HIGH3.1.4-r53.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.2 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.6.2 (alpine 3.18.8)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-6119libcrypto3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119
CVE-2024-6119libssl3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.6.2 (alpine 3.18.8)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-6119libcrypto3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119
CVE-2024-6119libssl3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119

Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.6.2 (alpine 3.18.8)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-6119libcrypto3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119
CVE-2024-6119libssl3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2025-30204github.com/golang-jwt/jwt/v5HIGHv5.2.05.2.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156
Release 2.6.1

gloo mesh enterprise gloo-mesh-portal-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.6.1 (alpine 3.18.8)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-6119libcrypto3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119
CVE-2024-6119libssl3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.6.1 (alpine 3.18.8)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-6119libcrypto3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119
CVE-2024-6119libssl3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.6.1 (alpine 3.18.8)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-6119libcrypto3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119
CVE-2024-6119libssl3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.1 (alpine 3.18.8)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-6119libcrypto3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119
CVE-2024-6119libssl3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.6.1 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-6119libcrypto3HIGH3.1.4-r53.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119
CVE-2024-6119libssl3HIGH3.1.4-r53.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.1 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.6.1 (alpine 3.18.8)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-6119libcrypto3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119
CVE-2024-6119libssl3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.6.1 (alpine 3.18.8)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-6119libcrypto3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119
CVE-2024-6119libssl3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119

Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.6.1 (alpine 3.18.8)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-6119libcrypto3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119
CVE-2024-6119libssl3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2025-30204github.com/golang-jwt/jwt/v5HIGHv5.2.05.2.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156
Release 2.6.0

gloo mesh enterprise gloo-mesh-portal-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.6.0 (alpine 3.18.8)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-6119libcrypto3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119
CVE-2024-6119libssl3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119

Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-mgmt-server image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.6.0 (alpine 3.18.8)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-6119libcrypto3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119
CVE-2024-6119libssl3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119

Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv25.0.5+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.6.0 (alpine 3.18.8)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-6119libcrypto3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119
CVE-2024-6119libssl3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119

Vulnerabilities Listed for usr/local/bin/agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv25.0.5+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-istiod-agent image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.0 (alpine 3.18.8)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-6119libcrypto3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119
CVE-2024-6119libssl3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119

Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.6.0 (alpine 3.18.6)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-6119libcrypto3HIGH3.1.4-r53.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119
CVE-2024-6119libssl3HIGH3.1.4-r53.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.0 (ubuntu 20.04)

gloo mesh enterprise gloo-mesh-spire-controller image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.6.0 (alpine 3.18.8)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-6119libcrypto3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119
CVE-2024-6119libssl3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119

Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-analyzer image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.6.0 (alpine 3.18.8)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-6119libcrypto3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119
CVE-2024-6119libssl3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119

Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv25.0.5+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.6.0 (alpine 3.18.8)

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-6119libcrypto3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119
CVE-2024-6119libssl3HIGH3.1.6-r03.1.7-r0https://avd.aquasec.com/nvd/cve-2024-6119

Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64

Vulnerability IDPackageSeverityInstalled VersionFixed VersionReference
CVE-2024-41110github.com/docker/dockerCRITICALv25.0.5+incompatible23.0.15, 26.1.5, 27.1.1, 25.0.6https://avd.aquasec.com/nvd/cve-2024-41110
CVE-2025-30153github.com/getkin/kin-openapiHIGHv0.107.00.131.0https://avd.aquasec.com/nvd/cve-2025-30153
CVE-2025-30204github.com/golang-jwt/jwt/v4HIGHv4.5.04.5.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2025-30204github.com/golang-jwt/jwt/v5HIGHv5.2.05.2.2https://avd.aquasec.com/nvd/cve-2025-30204
CVE-2024-45337golang.org/x/cryptoCRITICALv0.25.00.31.0https://avd.aquasec.com/nvd/cve-2024-45337
CVE-2025-22869golang.org/x/cryptoHIGHv0.25.00.35.0https://avd.aquasec.com/nvd/cve-2025-22869
CVE-2019-14993istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.1.13, 1.2.4https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2021-39155istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39155
CVE-2021-39156istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.9.8, 1.10.4, 1.11.1https://avd.aquasec.com/nvd/cve-2021-39156
CVE-2022-23635istio.io/istioHIGHv0.0.0-20240511025857-aaf597fbfae61.13.1, 1.12.4, 1.11.7https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2024-34156stdlibHIGH1.22.41.22.7, 1.23.1https://avd.aquasec.com/nvd/cve-2024-34156