On this page
Security and CVE scan results
Review security and CVE scan results for Solo.io products.
Gloo container images are scanned using Trivy for HIGH and CRITICAL vulnerabilities. To learn more about how Solo.io detects, tracks, and remediates CVEs, see CVE lifecycle handling.
Security and CVE scan
Latest 2.12.x gloo mesh enterprise Release: 2.12.0
gloo mesh enterprise gloo-mesh-ui image
No scan found
gloo mesh enterprise gloo-mesh-portal-server image
No scan found
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
No scan found
gloo mesh enterprise gloo-mesh-spire-controller image
No scan found
gloo mesh enterprise gloo-mesh-analyzer image
No scan found
Latest 2.11.x gloo mesh enterprise Release: 2.11.3
gloo mesh enterprise gloo-mesh-ui image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.11.3 (alpine 3.23.3)
gloo mesh enterprise gloo-mesh-portal-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.11.3 (alpine 3.23.3)
No Vulnerabilities Found for usr/local/bin/portal-server-linux-amd64
gloo mesh enterprise gloo-mesh-mgmt-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.11.3 (alpine 3.23.3)
No Vulnerabilities Found for usr/local/bin/mgmt-server-linux-amd64
gloo mesh enterprise gloo-mesh-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.11.3 (alpine 3.23.3)
No Vulnerabilities Found for usr/local/bin/agent-linux-amd64
gloo mesh enterprise gloo-mesh-istiod-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.11.3 (alpine 3.23.3)
No Vulnerabilities Found for usr/local/bin/istiod-agent-linux-amd64
gloo mesh enterprise gloo-mesh-apiserver image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.11.3 (alpine 3.23.3)
No Vulnerabilities Found for usr/local/bin/apiserver-linux-amd64
gloo mesh enterprise gloo-mesh-envoy image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.11.3 (ubuntu 24.04)
gloo mesh enterprise gloo-mesh-spire-controller image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.11.3 (alpine 3.23.3)
No Vulnerabilities Found for usr/local/bin/spire-controller-linux-amd64
gloo mesh enterprise gloo-mesh-analyzer image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.11.3 (alpine 3.23.3)
No Vulnerabilities Found for usr/local/bin/analyzer-linux-amd64
Release 2.11.2
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.11.2 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.11.2 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.25.5 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.11.2 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.25.5 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.11.2 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.25.5 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.11.2 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.25.5 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.11.2 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.25.5 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.11.2 (ubuntu 24.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68973 | gpgv | HIGH | 2.4.4-2ubuntu17.3 | 2.4.4-2ubuntu17.4 | https://avd.aquasec.com/nvd/cve-2025-68973 |
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.11.2 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.25.5 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.11.2 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.25.5 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Release 2.11.1
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.11.1 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.11.1 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.25.5 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.11.1 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.25.5 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.11.1 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.25.5 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.11.1 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.25.5 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.11.1 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.25.5 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.11.1 (ubuntu 24.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68973 | gpgv | HIGH | 2.4.4-2ubuntu17.3 | 2.4.4-2ubuntu17.4 | https://avd.aquasec.com/nvd/cve-2025-68973 |
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.11.1 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.25.5 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.11.1 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.25.5 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.25.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Release 2.11.0
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.11.0 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.11.0 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.25.3 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.25.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.25.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.25.3 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.25.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.11.0 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.25.3 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.25.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.25.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.25.3 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.25.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.11.0 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.25.3 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.25.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.25.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.25.3 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.25.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.11.0 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.25.3 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.25.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.25.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.25.3 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.25.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.11.0 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.25.3 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.25.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.25.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.25.3 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.25.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.11.0 (ubuntu 24.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68973 | gpgv | HIGH | 2.4.4-2ubuntu17.3 | 2.4.4-2ubuntu17.4 | https://avd.aquasec.com/nvd/cve-2025-68973 |
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.11.0 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.25.3 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.25.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.25.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.25.3 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.25.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.11.0 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.25.3 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.25.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.25.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.25.3 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.25.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Latest 2.10.x gloo mesh enterprise Release: 2.10.4
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.10.4 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.10.4 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.10.4 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.10.4 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.10.4 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.10.4 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.10.4 (ubuntu 24.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68973 | gpgv | HIGH | 2.4.4-2ubuntu17.3 | 2.4.4-2ubuntu17.4 | https://avd.aquasec.com/nvd/cve-2025-68973 |
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.10.4 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.10.4 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Release 2.10.3
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.10.3 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.10.3 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.10.3 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.10.3 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.10.3 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.10.3 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.10.3 (ubuntu 24.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68973 | gpgv | HIGH | 2.4.4-2ubuntu17.3 | 2.4.4-2ubuntu17.4 | https://avd.aquasec.com/nvd/cve-2025-68973 |
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.10.3 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.10.3 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Release 2.10.2
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.10.2 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.10.2 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.9 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.9 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.10.2 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.27 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.9 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.9 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.10.2 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.27 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.9 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.9 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.10.2 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.9 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.9 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.10.2 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.27 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.9 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.9 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.10.2 (ubuntu 24.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68973 | gpgv | HIGH | 2.4.4-2ubuntu17.3 | 2.4.4-2ubuntu17.4 | https://avd.aquasec.com/nvd/cve-2025-68973 |
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.10.2 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.9 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.9 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.10.2 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.27 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.9 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.9 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Release 2.10.1
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.10.1 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.10.1 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.6 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.6 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.6 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.10.1 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.27 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.6 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.6 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.6 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.10.1 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.27 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.6 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.6 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.6 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.10.1 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.6 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.6 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.6 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.10.1 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.27 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.6 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.6 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.6 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.10.1 (ubuntu 24.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68973 | gpgv | HIGH | 2.4.4-2ubuntu17.3 | 2.4.4-2ubuntu17.4 | https://avd.aquasec.com/nvd/cve-2025-68973 |
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.10.1 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.6 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.6 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.6 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.10.1 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.27 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.6 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.6 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.6 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Release 2.10.0
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.10.0 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.10.0 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.6 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.6 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.6 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.10.0 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.27 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.6 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.6 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.6 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.10.0 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.27 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.6 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.6 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.6 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.10.0 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.6 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.6 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.6 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.10.0 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.27 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.6 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.6 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.6 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.10.0 (ubuntu 24.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68973 | gpgv | HIGH | 2.4.4-2ubuntu17.3 | 2.4.4-2ubuntu17.4 | https://avd.aquasec.com/nvd/cve-2025-68973 |
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.10.0 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.6 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.6 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.6 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.10.0 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.27 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.6 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.6 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.6 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.6 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Latest 2.9.x gloo mesh enterprise Release: 2.9.5
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.9.5 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.9.5 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.9.5 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.9.5 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.9.5 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.9.5 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.9.5 (ubuntu 24.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68973 | gpgv | HIGH | 2.4.4-2ubuntu17.3 | 2.4.4-2ubuntu17.4 | https://avd.aquasec.com/nvd/cve-2025-68973 |
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.9.5 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.9.5 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Release 2.9.4
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.9.4 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.9.4 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.9.4 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.9.4 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.9.4 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.9.4 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.9.4 (ubuntu 24.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68973 | gpgv | HIGH | 2.4.4-2ubuntu17.3 | 2.4.4-2ubuntu17.4 | https://avd.aquasec.com/nvd/cve-2025-68973 |
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.9.4 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.9.4 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Release 2.9.3
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.9.3 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.9.3 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.9 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.9 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.9.3 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.27 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.9 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.9 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.9.3 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.27 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.9 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.9 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.9.3 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.9 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.9 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.9.3 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.27 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.9 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.9 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.9.3 (ubuntu 24.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68973 | gpgv | HIGH | 2.4.4-2ubuntu17.3 | 2.4.4-2ubuntu17.4 | https://avd.aquasec.com/nvd/cve-2025-68973 |
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.9.3 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.9 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.9 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.9.3 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.27 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.9 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.9 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Release 2.9.2
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.9.2 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.9.2 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.9.2 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.27 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.9.2 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.27 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.9.2 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.9.2 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.27 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.9.2 (ubuntu 24.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68973 | gpgv | HIGH | 2.4.4-2ubuntu17.2 | 2.4.4-2ubuntu17.4 | https://avd.aquasec.com/nvd/cve-2025-68973 |
| CVE-2025-32462 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32462 |
| CVE-2025-32463 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32463 |
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.9.2 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.9.2 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.27 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Release 2.9.1
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.9.1 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.9.1 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.9.1 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.9.1 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.9.1 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.9.1 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.9.1 (ubuntu 24.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68973 | gpgv | HIGH | 2.4.4-2ubuntu17.2 | 2.4.4-2ubuntu17.4 | https://avd.aquasec.com/nvd/cve-2025-68973 |
| CVE-2025-32462 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32462 |
| CVE-2025-32463 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32463 |
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.9.1 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.9.1 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Release 2.9.0
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.9.0 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.9.0 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.9.0 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.9.0 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.9.0 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.9.0 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.9.0 (ubuntu 24.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68973 | gpgv | HIGH | 2.4.4-2ubuntu17.2 | 2.4.4-2ubuntu17.4 | https://avd.aquasec.com/nvd/cve-2025-68973 |
| CVE-2025-32462 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32462 |
| CVE-2025-32463 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32463 |
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.9.0 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.9.0 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Latest 2.8.x gloo mesh enterprise Release: 2.8.6
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.8.6 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.8.6 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.8.6 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.8.6 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.8.6 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.8.6 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.8.6 (ubuntu 24.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68973 | gpgv | HIGH | 2.4.4-2ubuntu17.3 | 2.4.4-2ubuntu17.4 | https://avd.aquasec.com/nvd/cve-2025-68973 |
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.8.6 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.8.6 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Release 2.8.5
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.8.5 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.8.5 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.8.5 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.8.5 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.8.5 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.8.5 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.8.5 (ubuntu 24.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68973 | gpgv | HIGH | 2.4.4-2ubuntu17.3 | 2.4.4-2ubuntu17.4 | https://avd.aquasec.com/nvd/cve-2025-68973 |
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.8.5 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.8.5 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.11 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.11 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Release 2.8.4
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.8.4 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.8.4 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.9 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.9 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.8.4 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.9 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.9 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.8.4 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.9 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.9 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.8.4 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.9 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.9 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.8.4 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.9 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.9 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.8.4 (ubuntu 24.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68973 | gpgv | HIGH | 2.4.4-2ubuntu17.3 | 2.4.4-2ubuntu17.4 | https://avd.aquasec.com/nvd/cve-2025-68973 |
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.8.4 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.9 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.9 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.8.4 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.9 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.9 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Release 2.8.3
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.8.3 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.8.3 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.8.3 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.27 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.8.3 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.27 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.8.3 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.8.3 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.27 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.8.3 (ubuntu 24.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68973 | gpgv | HIGH | 2.4.4-2ubuntu17.2 | 2.4.4-2ubuntu17.4 | https://avd.aquasec.com/nvd/cve-2025-68973 |
| CVE-2025-32462 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32462 |
| CVE-2025-32463 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32463 |
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.8.3 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.8.3 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.27 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Release 2.8.2
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.8.2 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.8.2 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.8.2 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.8.2 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.8.2 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.8.2 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.8.2 (ubuntu 24.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68973 | gpgv | HIGH | 2.4.4-2ubuntu17.2 | 2.4.4-2ubuntu17.4 | https://avd.aquasec.com/nvd/cve-2025-68973 |
| CVE-2025-32462 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32462 |
| CVE-2025-32463 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32463 |
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.8.2 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.8.2 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Release 2.8.1
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.8.1 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.8.1 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.8.1 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.8.1 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.8.1 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.8.1 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.8.1 (ubuntu 24.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68973 | gpgv | HIGH | 2.4.4-2ubuntu17.2 | 2.4.4-2ubuntu17.4 | https://avd.aquasec.com/nvd/cve-2025-68973 |
| CVE-2025-32462 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32462 |
| CVE-2025-32463 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32463 |
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.8.1 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.8.1 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Release 2.8.0
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.8.0 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.8.0 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20250411142419-0d83506c2883 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20250411142419-0d83506c2883 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20250411142419-0d83506c2883 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20250411142419-0d83506c2883 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.8.0 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20250411142419-0d83506c2883 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20250411142419-0d83506c2883 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20250411142419-0d83506c2883 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20250411142419-0d83506c2883 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.8.0 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20250411142419-0d83506c2883 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20250411142419-0d83506c2883 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20250411142419-0d83506c2883 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20250411142419-0d83506c2883 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.8.0 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20250411142419-0d83506c2883 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20250411142419-0d83506c2883 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20250411142419-0d83506c2883 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20250411142419-0d83506c2883 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.8.0 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20250411142419-0d83506c2883 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20250411142419-0d83506c2883 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20250411142419-0d83506c2883 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20250411142419-0d83506c2883 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.8.0 (ubuntu 24.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68973 | gpgv | HIGH | 2.4.4-2ubuntu17.2 | 2.4.4-2ubuntu17.4 | https://avd.aquasec.com/nvd/cve-2025-68973 |
| CVE-2025-32462 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32462 |
| CVE-2025-32463 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32463 |
Vulnerabilities Listed for usr/local/bin/pilot-agent
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.8 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.8 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.8 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.8 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.8 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.8 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.8 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.8.0 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20250411142419-0d83506c2883 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20250411142419-0d83506c2883 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20250411142419-0d83506c2883 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20250411142419-0d83506c2883 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.8.0 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20250411142419-0d83506c2883 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20250411142419-0d83506c2883 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20250411142419-0d83506c2883 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20250411142419-0d83506c2883 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Latest 2.7.x gloo mesh enterprise Release: 2.7.7
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.7.7 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.7.7 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.9 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.9 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.7.7 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.9 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.9 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.7.7 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.9 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.9 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.7.7 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.9 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.9 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.7.7 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.9 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.9 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.7.7 (ubuntu 24.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68973 | gpgv | HIGH | 2.4.4-2ubuntu17.3 | 2.4.4-2ubuntu17.4 | https://avd.aquasec.com/nvd/cve-2025-68973 |
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.7.7 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.9 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.9 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.7.7 (alpine 3.21.5)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.5-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.9 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.9 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.9 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Release 2.7.6
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.7.6 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.7.6 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.7.6 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.27 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.7.6 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.27 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.7.6 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.7.6 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.27 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.7.6 (ubuntu 24.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68973 | gpgv | HIGH | 2.4.4-2ubuntu17.2 | 2.4.4-2ubuntu17.4 | https://avd.aquasec.com/nvd/cve-2025-68973 |
| CVE-2025-32462 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32462 |
| CVE-2025-32463 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32463 |
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.7.6 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.7.6 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.27 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Release 2.7.5
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.7.5 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.7.5 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.7.5 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.7.5 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.7.5 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.7.5 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.7.5 (ubuntu 24.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68973 | gpgv | HIGH | 2.4.4-2ubuntu17.2 | 2.4.4-2ubuntu17.4 | https://avd.aquasec.com/nvd/cve-2025-68973 |
| CVE-2025-32462 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32462 |
| CVE-2025-32463 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32463 |
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.7.5 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.7.5 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Release 2.7.4
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.7.4 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.7.4 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.7.4 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.7.4 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.7.4 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.7.4 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.7.4 (ubuntu 24.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68973 | gpgv | HIGH | 2.4.4-2ubuntu17.2 | 2.4.4-2ubuntu17.4 | https://avd.aquasec.com/nvd/cve-2025-68973 |
| CVE-2025-32462 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32462 |
| CVE-2025-32463 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32463 |
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.7.4 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.7.4 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Release 2.7.3
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.7.3 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.7.3 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.7.3 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.7.3 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.7.3 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.7.3 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.7.3 (ubuntu 24.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68973 | gpgv | HIGH | 2.4.4-2ubuntu17.2 | 2.4.4-2ubuntu17.4 | https://avd.aquasec.com/nvd/cve-2025-68973 |
| CVE-2025-32462 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32462 |
| CVE-2025-32463 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32463 |
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.7.3 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.7.3 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Release 2.7.2
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.7.2 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.7.2 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.7.2 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.7.2 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.7.2 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.7.2 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.7.2 (ubuntu 24.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68973 | gpgv | HIGH | 2.4.4-2ubuntu17.2 | 2.4.4-2ubuntu17.4 | https://avd.aquasec.com/nvd/cve-2025-68973 |
| CVE-2025-32462 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32462 |
| CVE-2025-32463 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32463 |
Vulnerabilities Listed for usr/local/bin/pilot-agent
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.8 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.8 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.8 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.8 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.8 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.8 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.8 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.7.2 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.7.2 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Release 2.7.1
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.7.1 (alpine 3.18.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-6119 | libcrypto3 | HIGH | 3.1.4-r5 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2024-6119 | libssl3 | HIGH | 3.1.4-r5 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
gloo mesh enterprise gloo-mesh-portal-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.7.1 (alpine 3.18.12)
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.7.1 (alpine 3.18.12)
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.7.1 (alpine 3.18.12)
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.0 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.7.1 (alpine 3.18.12)
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.7.1 (alpine 3.18.12)
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.0 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.7.1 (ubuntu 24.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68973 | gpgv | HIGH | 2.4.4-2ubuntu17 | 2.4.4-2ubuntu17.4 | https://avd.aquasec.com/nvd/cve-2025-68973 |
| CVE-2025-32462 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32462 |
| CVE-2025-32463 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32463 |
Vulnerabilities Listed for usr/local/bin/pilot-agent
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-spire-controller image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.7.1 (alpine 3.18.12)
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.7.1 (alpine 3.18.12)
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.0 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Release 2.7.0
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.7.0 (alpine 3.18.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-6119 | libcrypto3 | HIGH | 3.1.4-r5 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2024-6119 | libssl3 | HIGH | 3.1.4-r5 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
gloo mesh enterprise gloo-mesh-portal-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.7.0 (alpine 3.18.12)
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.32.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.25.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.3 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.3 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.3 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.3 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.7.0 (alpine 3.18.12)
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.32.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.25.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.3 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.3 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.3 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.3 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.7.0 (alpine 3.18.12)
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.32.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.25.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.0 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.3 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.3 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.3 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.3 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.7.0 (alpine 3.18.12)
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.32.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.25.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.3 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.3 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.3 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.3 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.7.0 (alpine 3.18.12)
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v5 | HIGH | v5.2.1 | 5.2.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.32.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.25.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.0 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.3 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.3 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.3 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.3 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.7.0 (ubuntu 24.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68973 | gpgv | HIGH | 2.4.4-2ubuntu17 | 2.4.4-2ubuntu17.4 | https://avd.aquasec.com/nvd/cve-2025-68973 |
| CVE-2025-32462 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32462 |
| CVE-2025-32463 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32463 |
Vulnerabilities Listed for usr/local/bin/pilot-agent
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.27.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.27.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.23.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-spire-controller image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.7.0 (alpine 3.18.12)
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.32.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.25.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.3 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.3 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.3 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.3 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.7.0 (alpine 3.18.12)
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.32.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.25.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.0 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20250212095443-6bd0075edb31 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.3 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.3 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.3 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.3 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.3 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Latest 2.6.x gloo mesh enterprise Release: 2.6.13
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.6.13 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.6.13 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.5 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.5 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.5 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.5 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.6.13 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.27 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.5 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.5 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.5 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.5 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.6.13 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.27 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.5 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.5 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.5 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.5 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.13 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.5 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.5 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.5 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.5 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.6.13 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.27 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.5 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.5 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.5 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.5 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.13 (ubuntu 24.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68973 | gpgv | HIGH | 2.4.4-2ubuntu17.3 | 2.4.4-2ubuntu17.4 | https://avd.aquasec.com/nvd/cve-2025-68973 |
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.6.13 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.5 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.5 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.5 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.5 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.6.13 (alpine 3.21.4)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.4-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.5 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.5 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.5 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.5 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.5 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Release 2.6.12
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.6.12 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.6.12 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.6.12 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.6.12 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.12 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.6.12 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.12 (ubuntu 24.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68973 | gpgv | HIGH | 2.4.4-2ubuntu17 | 2.4.4-2ubuntu17.4 | https://avd.aquasec.com/nvd/cve-2025-68973 |
| CVE-2025-32462 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32462 |
| CVE-2025-32463 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32463 |
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.6.12 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.6.12 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Release 2.6.11
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.6.11 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.6.11 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.6.11 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.6.11 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.11 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.6.11 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.24 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.11 (ubuntu 24.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68973 | gpgv | HIGH | 2.4.4-2ubuntu17 | 2.4.4-2ubuntu17.4 | https://avd.aquasec.com/nvd/cve-2025-68973 |
| CVE-2025-32462 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32462 |
| CVE-2025-32463 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32463 |
Vulnerabilities Listed for usr/local/bin/pilot-agent
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.6.11 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.6.11 (alpine 3.21.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-15467 | libcrypto3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libcrypto3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
| CVE-2025-15467 | libssl3 | CRITICAL | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-15467 |
| CVE-2025-69419 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69419 |
| CVE-2025-69421 | libssl3 | HIGH | 3.3.3-r0 | 3.3.6-r0 | https://avd.aquasec.com/nvd/cve-2025-69421 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.17.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.24.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-22874 | stdlib | HIGH | 1.24.2 | 1.24.4 | https://avd.aquasec.com/nvd/cve-2025-22874 |
| CVE-2025-47907 | stdlib | HIGH | 1.24.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.24.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.24.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.24.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Release 2.6.10
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.6.10 (alpine 3.18.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-6119 | libcrypto3 | HIGH | 3.1.4-r5 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2024-6119 | libssl3 | HIGH | 3.1.4-r5 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
gloo mesh enterprise gloo-mesh-portal-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.6.10 (alpine 3.18.12)
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.6.10 (alpine 3.18.12)
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.12 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.14.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.6.10 (alpine 3.18.12)
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.12 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.14.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.10 (alpine 3.18.12)
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.6.10 (alpine 3.18.12)
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.12 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.10 (ubuntu 24.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68973 | gpgv | HIGH | 2.4.4-2ubuntu17 | 2.4.4-2ubuntu17.4 | https://avd.aquasec.com/nvd/cve-2025-68973 |
| CVE-2025-32462 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32462 |
| CVE-2025-32463 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32463 |
Vulnerabilities Listed for usr/local/bin/pilot-agent
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-spire-controller image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.6.10 (alpine 3.18.12)
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.6.10 (alpine 3.18.12)
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.14.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Release 2.6.9
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.6.9 (alpine 3.18.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-6119 | libcrypto3 | HIGH | 3.1.4-r5 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2024-6119 | libssl3 | HIGH | 3.1.4-r5 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.6.9 (alpine 3.18.11)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.31.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.21.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.6.9 (alpine 3.18.11)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.12 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.31.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.21.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.14.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.6.9 (alpine 3.18.11)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.12 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.31.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.21.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.14.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.9 (alpine 3.18.11)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.31.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.21.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.6.9 (alpine 3.18.11)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.12 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v5 | HIGH | v5.2.1 | 5.2.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.31.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.21.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.9 (ubuntu 24.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68973 | gpgv | HIGH | 2.4.4-2ubuntu17 | 2.4.4-2ubuntu17.4 | https://avd.aquasec.com/nvd/cve-2025-68973 |
| CVE-2025-32462 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32462 |
| CVE-2025-32463 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32463 |
Vulnerabilities Listed for usr/local/bin/pilot-agent
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.27.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.27.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.23.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.6.9 (alpine 3.18.11)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.31.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.21.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.6.9 (alpine 3.18.11)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.31.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.21.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.14.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Release 2.6.8
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.6.8 (alpine 3.18.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-6119 | libcrypto3 | HIGH | 3.1.4-r5 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2024-6119 | libssl3 | HIGH | 3.1.4-r5 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.6.8 (alpine 3.18.11)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.31.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.21.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.6.8 (alpine 3.18.11)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.12 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.31.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.21.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.14.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.6.8 (alpine 3.18.11)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.12 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.31.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.21.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.14.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.8 (alpine 3.18.11)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.31.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.21.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.6.8 (alpine 3.18.11)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.12 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v5 | HIGH | v5.2.1 | 5.2.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.31.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.21.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.8 (ubuntu 24.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68973 | gpgv | HIGH | 2.4.4-2ubuntu17 | 2.4.4-2ubuntu17.4 | https://avd.aquasec.com/nvd/cve-2025-68973 |
| CVE-2025-32462 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32462 |
| CVE-2025-32463 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32463 |
Vulnerabilities Listed for usr/local/bin/pilot-agent
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.27.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.27.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.23.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.6.8 (alpine 3.18.11)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.31.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.21.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.6.8 (alpine 3.18.11)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.31.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.21.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.14.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Release 2.6.7
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.6.7 (alpine 3.18.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-6119 | libcrypto3 | HIGH | 3.1.4-r5 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2024-6119 | libssl3 | HIGH | 3.1.4-r5 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.6.7 (alpine 3.18.9)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.31.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.21.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.6.7 (alpine 3.18.9)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.12 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2024-41110 | github.com/docker/docker | CRITICAL | v27.0.3+incompatible | 23.0.15, 26.1.5, 27.1.1, 25.0.6 | https://avd.aquasec.com/nvd/cve-2024-41110 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.31.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.21.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.14.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.6.7 (alpine 3.18.9)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.12 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2024-41110 | github.com/docker/docker | CRITICAL | v27.0.3+incompatible | 23.0.15, 26.1.5, 27.1.1, 25.0.6 | https://avd.aquasec.com/nvd/cve-2024-41110 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.31.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.21.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.14.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.7 (alpine 3.18.9)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.31.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.21.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.6.7 (alpine 3.18.9)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.12 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2024-41110 | github.com/docker/docker | CRITICAL | v27.0.3+incompatible | 23.0.15, 26.1.5, 27.1.1, 25.0.6 | https://avd.aquasec.com/nvd/cve-2024-41110 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v5 | HIGH | v5.2.1 | 5.2.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.31.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.21.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.7 (ubuntu 24.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68973 | gpgv | HIGH | 2.4.4-2ubuntu17 | 2.4.4-2ubuntu17.4 | https://avd.aquasec.com/nvd/cve-2025-68973 |
| CVE-2025-32462 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32462 |
| CVE-2025-32463 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32463 |
Vulnerabilities Listed for usr/local/bin/pilot-agent
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.27.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.27.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.23.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.23.2 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.23.2 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.23.2 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.23.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.23.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.23.2 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.23.2 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.6.7 (alpine 3.18.9)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.31.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.21.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.6.7 (alpine 3.18.9)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-41110 | github.com/docker/docker | CRITICAL | v27.0.3+incompatible | 23.0.15, 26.1.5, 27.1.1, 25.0.6 | https://avd.aquasec.com/nvd/cve-2024-41110 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.31.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.21.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.14.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Release 2.6.6
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.6.6 (alpine 3.18.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-6119 | libcrypto3 | HIGH | 3.1.4-r5 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2024-6119 | libssl3 | HIGH | 3.1.4-r5 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.6.6 (alpine 3.18.9)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.21.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.6.6 (alpine 3.18.9)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.12 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.21.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.14.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.6.6 (alpine 3.18.9)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.12 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.21.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.14.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.6 (alpine 3.18.9)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.21.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.6.6 (alpine 3.18.9)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.12 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v5 | HIGH | v5.2.1 | 5.2.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.21.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.6 (ubuntu 24.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68973 | gpgv | HIGH | 2.4.4-2ubuntu17 | 2.4.4-2ubuntu17.4 | https://avd.aquasec.com/nvd/cve-2025-68973 |
| CVE-2025-32462 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32462 |
| CVE-2025-32463 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32463 |
Vulnerabilities Listed for usr/local/bin/pilot-agent
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.24.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.24.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.21.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.6.6 (alpine 3.18.9)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.21.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.6.6 (alpine 3.18.9)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.21.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.14.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Release 2.6.5
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.6.5 (alpine 3.18.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-6119 | libcrypto3 | HIGH | 3.1.4-r5 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2024-6119 | libssl3 | HIGH | 3.1.4-r5 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.6.5 (alpine 3.18.9)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.6.5 (alpine 3.18.9)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.12 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.14.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.6.5 (alpine 3.18.9)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.12 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.14.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.5 (alpine 3.18.9)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.6.5 (alpine 3.18.9)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.12 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v5 | HIGH | v5.2.0 | 5.2.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.5 (ubuntu 24.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68973 | gpgv | HIGH | 2.4.4-2ubuntu17 | 2.4.4-2ubuntu17.4 | https://avd.aquasec.com/nvd/cve-2025-68973 |
| CVE-2025-32462 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32462 |
| CVE-2025-32463 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32463 |
Vulnerabilities Listed for usr/local/bin/pilot-agent
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-41110 | github.com/docker/docker | CRITICAL | v26.1.4+incompatible | 23.0.15, 26.1.5, 27.1.1, 25.0.6 | https://avd.aquasec.com/nvd/cve-2024-41110 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.24.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.24.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.21.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.6.5 (alpine 3.18.9)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.6.5 (alpine 3.18.9)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.14.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Release 2.6.4
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.6.4 (alpine 3.18.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-6119 | libcrypto3 | HIGH | 3.1.4-r5 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2024-6119 | libssl3 | HIGH | 3.1.4-r5 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.6.4 (alpine 3.18.9)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.6.4 (alpine 3.18.9)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.12 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.14.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.6.4 (alpine 3.18.9)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.12 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.14.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.4 (alpine 3.18.9)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.6.4 (alpine 3.18.9)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.12 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v5 | HIGH | v5.2.0 | 5.2.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.4 (ubuntu 24.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-68973 | gpgv | HIGH | 2.4.4-2ubuntu17 | 2.4.4-2ubuntu17.4 | https://avd.aquasec.com/nvd/cve-2025-68973 |
| CVE-2025-32462 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32462 |
| CVE-2025-32463 | sudo | HIGH | 1.9.15p5-3ubuntu5 | 1.9.15p5-3ubuntu5.24.04.1 | https://avd.aquasec.com/nvd/cve-2025-32463 |
Vulnerabilities Listed for usr/local/bin/pilot-agent
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-41110 | github.com/docker/docker | CRITICAL | v26.1.4+incompatible | 23.0.15, 26.1.5, 27.1.1, 25.0.6 | https://avd.aquasec.com/nvd/cve-2024-41110 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.24.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.24.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.21.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.7 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.7 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.7 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.7 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.7 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.6.4 (alpine 3.18.9)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.6.4 (alpine 3.18.9)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.14.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Release 2.6.3
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.6.3 (alpine 3.18.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-6119 | libcrypto3 | HIGH | 3.1.4-r5 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2024-6119 | libssl3 | HIGH | 3.1.4-r5 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.6.3 (alpine 3.18.8)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.6.3 (alpine 3.18.8)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.12 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.14.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.6.3 (alpine 3.18.8)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.12 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.14.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.3 (alpine 3.18.8)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.6.3 (alpine 3.18.8)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.12 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v5 | HIGH | v5.2.0 | 5.2.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.3 (ubuntu 20.04)
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.6.3 (alpine 3.18.8)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.6.3 (alpine 3.18.8)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.14.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Release 2.6.2
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.6.2 (alpine 3.18.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-6119 | libcrypto3 | HIGH | 3.1.4-r5 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2024-6119 | libssl3 | HIGH | 3.1.4-r5 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.6.2 (alpine 3.18.8)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-6119 | libcrypto3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2024-6119 | libssl3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.6.2 (alpine 3.18.8)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-6119 | libcrypto3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2024-6119 | libssl3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.12 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.14.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.6.2 (alpine 3.18.8)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-6119 | libcrypto3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2024-6119 | libssl3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.12 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.14.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.2 (alpine 3.18.8)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-6119 | libcrypto3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2024-6119 | libssl3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.6.2 (alpine 3.18.8)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-6119 | libcrypto3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2024-6119 | libssl3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.12 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v5 | HIGH | v5.2.0 | 5.2.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.2 (ubuntu 20.04)
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.6.2 (alpine 3.18.8)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-6119 | libcrypto3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2024-6119 | libssl3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.6.2 (alpine 3.18.8)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-6119 | libcrypto3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2024-6119 | libssl3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.14.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Release 2.6.1
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.6.1 (alpine 3.18.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-6119 | libcrypto3 | HIGH | 3.1.4-r5 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2024-6119 | libssl3 | HIGH | 3.1.4-r5 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.6.1 (alpine 3.18.8)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-6119 | libcrypto3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2024-6119 | libssl3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.6.1 (alpine 3.18.8)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-6119 | libcrypto3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2024-6119 | libssl3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.12 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.14.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.6.1 (alpine 3.18.8)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-6119 | libcrypto3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2024-6119 | libssl3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.12 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.14.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.1 (alpine 3.18.8)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-6119 | libcrypto3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2024-6119 | libssl3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.6.1 (alpine 3.18.8)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-6119 | libcrypto3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2024-6119 | libssl3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.12 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v5 | HIGH | v5.2.0 | 5.2.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.1 (ubuntu 20.04)
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.6.1 (alpine 3.18.8)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-6119 | libcrypto3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2024-6119 | libssl3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.6.1 (alpine 3.18.8)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-6119 | libcrypto3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2024-6119 | libssl3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.14.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
Release 2.6.0
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.6.0 (alpine 3.18.6)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-6119 | libcrypto3 | HIGH | 3.1.4-r5 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2024-6119 | libssl3 | HIGH | 3.1.4-r5 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
gloo mesh enterprise gloo-mesh-portal-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.6.0 (alpine 3.18.8)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-6119 | libcrypto3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2024-6119 | libssl3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.6.0 (alpine 3.18.8)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-6119 | libcrypto3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2024-6119 | libssl3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.12 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2024-41110 | github.com/docker/docker | CRITICAL | v25.0.5+incompatible | 23.0.15, 26.1.5, 27.1.1, 25.0.6 | https://avd.aquasec.com/nvd/cve-2024-41110 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.14.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.6.0 (alpine 3.18.8)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-6119 | libcrypto3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2024-6119 | libssl3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.12 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2024-41110 | github.com/docker/docker | CRITICAL | v25.0.5+incompatible | 23.0.15, 26.1.5, 27.1.1, 25.0.6 | https://avd.aquasec.com/nvd/cve-2024-41110 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.14.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.6.0 (alpine 3.18.8)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-6119 | libcrypto3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2024-6119 | libssl3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.6.0 (alpine 3.18.8)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-6119 | libcrypto3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2024-6119 | libssl3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-25621 | github.com/containerd/containerd | HIGH | v1.7.12 | 1.7.29 | https://avd.aquasec.com/nvd/cve-2024-25621 |
| CVE-2024-41110 | github.com/docker/docker | CRITICAL | v25.0.5+incompatible | 23.0.15, 26.1.5, 27.1.1, 25.0.6 | https://avd.aquasec.com/nvd/cve-2024-41110 |
| CVE-2025-30153 | github.com/getkin/kin-openapi | HIGH | v0.107.0 | 0.131.0 | https://avd.aquasec.com/nvd/cve-2025-30153 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v5 | HIGH | v5.2.0 | 5.2.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-envoy image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.6.0 (ubuntu 20.04)
gloo mesh enterprise gloo-mesh-spire-controller image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.6.0 (alpine 3.18.8)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-6119 | libcrypto3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2024-6119 | libssl3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |
gloo mesh enterprise gloo-mesh-analyzer image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-analyzer:2.6.0 (alpine 3.18.8)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-6119 | libcrypto3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2024-6119 | libssl3 | HIGH | 3.1.6-r0 | 3.1.7-r0 | https://avd.aquasec.com/nvd/cve-2024-6119 |
| CVE-2025-26519 | musl | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
| CVE-2025-26519 | musl-utils | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2025-26519 |
Vulnerabilities Listed for usr/local/bin/analyzer-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2024-41110 | github.com/docker/docker | CRITICAL | v25.0.5+incompatible | 23.0.15, 26.1.5, 27.1.1, 25.0.6 | https://avd.aquasec.com/nvd/cve-2024-41110 |
| CVE-2025-30204 | github.com/golang-jwt/jwt/v4 | HIGH | v4.5.0 | 4.5.2 | https://avd.aquasec.com/nvd/cve-2025-30204 |
| CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.25.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
| CVE-2025-22869 | golang.org/x/crypto | HIGH | v0.25.0 | 0.35.0 | https://avd.aquasec.com/nvd/cve-2025-22869 |
| CVE-2025-22868 | golang.org/x/oauth2 | HIGH | v0.20.0 | 0.27.0 | https://avd.aquasec.com/nvd/cve-2025-22868 |
| CVE-2025-53547 | helm.sh/helm/v3 | HIGH | v3.14.3 | 3.18.4, 3.17.4 | https://avd.aquasec.com/nvd/cve-2025-53547 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20240511025857-aaf597fbfae6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2025-68121 | stdlib | CRITICAL | 1.22.4 | 1.24.13, 1.25.7, 1.26.0-rc.3 | https://avd.aquasec.com/nvd/cve-2025-68121 |
| CVE-2024-34156 | stdlib | HIGH | 1.22.4 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
| CVE-2025-47907 | stdlib | HIGH | 1.22.4 | 1.23.12, 1.24.6 | https://avd.aquasec.com/nvd/cve-2025-47907 |
| CVE-2025-58183 | stdlib | HIGH | 1.22.4 | 1.24.8, 1.25.2 | https://avd.aquasec.com/nvd/cve-2025-58183 |
| CVE-2025-61726 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61726 |
| CVE-2025-61728 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61728 |
| CVE-2025-61729 | stdlib | HIGH | 1.22.4 | 1.24.11, 1.25.5 | https://avd.aquasec.com/nvd/cve-2025-61729 |
| CVE-2025-61730 | stdlib | HIGH | 1.22.4 | 1.24.12, 1.25.6 | https://avd.aquasec.com/nvd/cve-2025-61730 |