Gloo Mesh Security and CVE report

Gloo Mesh Enterprise container images are scanned using Trivy for HIGH and CRITICAL vulnerabilities.

Latest 1.2.x gloo mesh enterprise Release: 1.2.4

gloo mesh enterprise gloo-mesh-apiserver image

No scan found

gloo mesh enterprise gloo-mesh-ui image

No scan found

gloo mesh enterprise gloo-mesh-envoy image

No scan found

gloo mesh enterprise rbac-webhook image

No scan found

gloo mesh enterprise enterprise-networking image

No scan found

gloo mesh enterprise enterprise-agent image

No scan found

Release 1.2.3

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.3 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/executable

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.3 (alpine 3.13.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-22945 curl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22946 curl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-22945 libcurl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22946 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-envoy:1.2.3 (ubuntu 18.04)

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.3 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.3 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.3 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
Release 1.2.2

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.2 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/executable

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.2 (alpine 3.13.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-22945 curl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22946 curl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-22945 libcurl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22946 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-envoy:1.2.2 (ubuntu 18.04)

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.2 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.2 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.2 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20211019135535-77e71d7074d8 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
Release 1.2.1

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.1 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/executable

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.1 (alpine 3.13.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-22945 curl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22946 curl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-22945 libcurl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22946 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-envoy:1.2.1 (ubuntu 18.04)

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.1 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.1 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.1 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
Release 1.2.0

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.2.0 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/executable

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.2.0 (alpine 3.13.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-22945 curl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22946 curl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-22945 libcurl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22946 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

gloo mesh enterprise gloo-mesh-envoy image

No Vulnerabilities Found for quay.io/solo-io/gloo-mesh-envoy:1.2.0 (ubuntu 18.04)

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.2.0 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.2.0 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.2.0 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/executable

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558

Latest 1.1.x gloo mesh enterprise Release: 1.1.8

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.1.8 (alpine 3.11.12)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-mesh-apiserver

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.1.8 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-42378 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-22945 curl CRITICAL 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl CRITICAL 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-42378 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.1.8 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.8 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.8 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.44 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.44 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.8 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.8 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.1.8 (alpine 3.11.12)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/rbac-webhook

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.1.8 (alpine 3.11.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/enterprise-networking

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.1.8 (alpine 3.11.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/enterprise-agent

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
Release 1.1.7

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.1.7 (alpine 3.11.12)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-mesh-apiserver

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.1.7 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-42378 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-22945 curl CRITICAL 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl CRITICAL 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-42378 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.1.7 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.8 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.8 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.44 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.44 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.8 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.8 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.1.7 (alpine 3.11.12)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/rbac-webhook

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.1.7 (alpine 3.11.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/enterprise-networking

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.1.7 (alpine 3.11.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/enterprise-agent

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
Release 1.1.6

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.1.6 (alpine 3.11.12)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-mesh-apiserver

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.1.6 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-42378 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-22945 curl CRITICAL 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl CRITICAL 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-42378 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.1.6 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.8 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.8 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.44 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.44 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.8 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.8 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.1.6 (alpine 3.11.12)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/rbac-webhook

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.1.6 (alpine 3.11.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/enterprise-networking

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.1.6 (alpine 3.11.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/enterprise-agent

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
Release 1.1.5

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.1.5 (alpine 3.11.12)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-mesh-apiserver

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.1.5 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-42378 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-22945 curl CRITICAL 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl CRITICAL 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-42378 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.1.5 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.8 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.8 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.44 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.44 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.8 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.8 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.1.5 (alpine 3.11.12)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/rbac-webhook

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.1.5 (alpine 3.11.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/enterprise-networking

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.1.5 (alpine 3.11.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/enterprise-agent

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
Release 1.1.4

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.1.4 (alpine 3.11.12)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-mesh-apiserver

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.1.4 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-42378 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-22945 curl CRITICAL 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl CRITICAL 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-42378 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.1.4 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.8 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.8 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.44 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.44 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.8 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.8 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.1.4 (alpine 3.11.12)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/rbac-webhook

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.1.4 (alpine 3.11.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/enterprise-networking

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.1.4 (alpine 3.11.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/enterprise-agent

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
Release 1.1.3

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.1.3 (alpine 3.11.11)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-mesh-apiserver

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.1.3 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-42378 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-22945 curl CRITICAL 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl CRITICAL 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-42378 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.1.3 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.8 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.8 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.44 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.44 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.8 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.8 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.1.3 (alpine 3.11.11)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.6-r0 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/rbac-webhook

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.1.3 (alpine 3.11.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/enterprise-networking

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.1.3 (alpine 3.11.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/enterprise-agent

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
Release 1.1.2

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.1.2 (alpine 3.11.11)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-mesh-apiserver

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.1.2 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-42378 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-22945 curl CRITICAL 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl CRITICAL 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-42378 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.1.2 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.8 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.8 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.44 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.44 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.8 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.8 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.1.2 (alpine 3.11.11)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.6-r0 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/rbac-webhook

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.1.2 (alpine 3.11.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/enterprise-networking

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.1.2 (alpine 3.11.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/enterprise-agent

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
Release 1.1.1

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.1.1 (alpine 3.11.11)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-mesh-apiserver

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.1.1 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-42378 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-22945 curl CRITICAL 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl CRITICAL 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-42378 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.1.1 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.8 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.8 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.44 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.44 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.8 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.8 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.1.1 (alpine 3.11.11)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.6-r0 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/rbac-webhook

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.1.1 (alpine 3.11.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/enterprise-networking

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.1.1 (alpine 3.11.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-42378 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/enterprise-agent

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
Release 1.1.0

gloo mesh enterprise gloo-mesh-apiserver image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-apiserver:1.1.0 (alpine 3.11.11)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/gloo-mesh-apiserver

gloo mesh enterprise gloo-mesh-ui image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-ui:1.1.0 (alpine 3.13.3)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.1-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.1-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2021-28831 busybox HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-42378 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-22945 curl CRITICAL 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-22945 libcurl CRITICAL 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2021-28831 ssl_client HIGH 1.32.1-r3 1.32.1-r4 https://avd.aquasec.com/nvd/cve-2021-28831
CVE-2021-42378 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r3 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386

gloo mesh enterprise gloo-mesh-envoy image

Vulnerabilities Listed for quay.io/solo-io/gloo-mesh-envoy:1.1.0 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3449 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.8 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.8 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-33910 libsystemd0 HIGH 237-3ubuntu10.44 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-33910 libudev1 HIGH 237-3ubuntu10.44 237-3ubuntu10.49 https://avd.aquasec.com/nvd/cve-2021-33910
CVE-2021-3449 openssl HIGH 1.1.1-1ubuntu2.1~18.04.8 1.1.1-1ubuntu2.1~18.04.9 https://avd.aquasec.com/nvd/cve-2021-3449
CVE-2021-3711 openssl HIGH 1.1.1-1ubuntu2.1~18.04.8 1.1.1-1ubuntu2.1~18.04.13 https://avd.aquasec.com/nvd/cve-2021-3711

gloo mesh enterprise rbac-webhook image

Vulnerabilities Listed for quay.io/solo-io/rbac-webhook:1.1.0 (alpine 3.11.11)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.10.6-r0 2.10.7-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-42378 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386

No Vulnerabilities Found for usr/local/bin/rbac-webhook

gloo mesh enterprise enterprise-networking image

Vulnerabilities Listed for quay.io/solo-io/enterprise-networking:1.1.0 (alpine 3.11.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/enterprise-networking

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558

gloo mesh enterprise enterprise-agent image

Vulnerabilities Listed for quay.io/solo-io/enterprise-agent:1.1.0 (alpine 3.11.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-42378 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2021-42378 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.31.1-r10 1.31.1-r11 https://avd.aquasec.com/nvd/cve-2021-42386

Vulnerabilities Listed for usr/local/bin/enterprise-agent

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-41103 github.com/containerd/containerd HIGH v1.4.3 v1.4.11, v1.5.7 https://avd.aquasec.com/nvd/cve-2021-41103
CVE-2021-41092 github.com/docker/cli HIGH v20.10.3+incompatible v20.10.9 https://avd.aquasec.com/nvd/cve-2021-41092
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2020-8558 k8s.io/kubernetes HIGH v1.13.0 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558