Security and CVE report
Gloo Platform container images are scanned using Trivy for HIGH and CRITICAL vulnerabilities.
How does Solo fix CVEs?
For OS vulnerabilities that are part of the Cilium image, Solo waits for the CVE patch to be provided by the Cilium community before releasing a new Solo image. Critical CVEs that are found in Cilium or that are exploitable through Cilium are fixed by the Cilium community as soon as possible, and released outside the regular release cycle. Fixes for non-critical CVEs are usually provided as part of the regular Cilium release cycle.
For vulnerabilities that are found in a component that Solo controls, such as the image for the Gloo management server, Solo is responsible to provide a security patch. The patch is released as soon as it is available, independently from any Cilium release.
Security and CVE scan
Latest 2.4.x gloo mesh enterprise Release: 2.4.2
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise gloo-otel-controller image
No scan found
gloo mesh enterprise gloo-mesh-spire-controller image
No scan found
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
No scan found
gloo mesh enterprise gloo-mesh-ui image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
No scan found
gloo mesh enterprise gloo-mesh-portal-server image
No scan found
gloo mesh enterprise enterprise-networking image
No scan found
Release 2.4.1
gloo mesh enterprise gloo-mesh-mgmt-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.4.1 (alpine 3.18.3)
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-28840 | github.com/docker/docker | HIGH | v23.0.1+incompatible | 20.10.24, 23.0.3 | https://avd.aquasec.com/nvd/cve-2023-28840 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20230824050558-a835e9cca9eb | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20230824050558-a835e9cca9eb | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20230824050558-a835e9cca9eb | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20230824050558-a835e9cca9eb | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.4.1 (alpine 3.18.3)
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-28840 | github.com/docker/docker | HIGH | v23.0.1+incompatible | 20.10.24, 23.0.3 | https://avd.aquasec.com/nvd/cve-2023-28840 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20230824050558-a835e9cca9eb | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20230824050558-a835e9cca9eb | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20230824050558-a835e9cca9eb | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20230824050558-a835e9cca9eb | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.4.1 (alpine 3.18.3)
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20230824050558-a835e9cca9eb | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20230824050558-a835e9cca9eb | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20230824050558-a835e9cca9eb | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20230824050558-a835e9cca9eb | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-otel-controller image
No scan found
gloo mesh enterprise gloo-mesh-spire-controller image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.4.1 (alpine 3.18.3)
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20230824050558-a835e9cca9eb | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20230824050558-a835e9cca9eb | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20230824050558-a835e9cca9eb | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20230824050558-a835e9cca9eb | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.4.1 (alpine 3.18.3)
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-28840 | github.com/docker/docker | HIGH | v23.0.1+incompatible | 20.10.24, 23.0.3 | https://avd.aquasec.com/nvd/cve-2023-28840 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20230824050558-a835e9cca9eb | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20230824050558-a835e9cca9eb | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20230824050558-a835e9cca9eb | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20230824050558-a835e9cca9eb | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-ui image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.4.1 (alpine 3.17.5)
gloo mesh enterprise gloo-mesh-envoy image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.4.1 (ubuntu 20.04)
gloo mesh enterprise gloo-mesh-portal-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.4.1 (alpine 3.18.3)
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20230824050558-a835e9cca9eb | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20230824050558-a835e9cca9eb | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20230824050558-a835e9cca9eb | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20230824050558-a835e9cca9eb | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise enterprise-networking image
No scan found
Release 2.4.0
gloo mesh enterprise gloo-mesh-mgmt-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.4.0 (alpine 3.18.3)
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20230403164233-3e857775086a | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20230403164233-3e857775086a | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20230403164233-3e857775086a | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20230403164233-3e857775086a | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.4.0 (alpine 3.18.3)
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20230403164233-3e857775086a | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20230403164233-3e857775086a | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20230403164233-3e857775086a | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20230403164233-3e857775086a | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.4.0 (alpine 3.18.3)
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20230403164233-3e857775086a | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20230403164233-3e857775086a | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20230403164233-3e857775086a | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20230403164233-3e857775086a | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-otel-controller image
No scan found
gloo mesh enterprise gloo-mesh-spire-controller image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-spire-controller:2.4.0 (alpine 3.18.3)
Vulnerabilities Listed for usr/local/bin/spire-controller-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20230403164233-3e857775086a | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20230403164233-3e857775086a | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20230403164233-3e857775086a | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20230403164233-3e857775086a | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.4.0 (alpine 3.18.3)
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20230403164233-3e857775086a | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20230403164233-3e857775086a | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20230403164233-3e857775086a | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20230403164233-3e857775086a | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-ui image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.4.0 (alpine 3.17.5)
gloo mesh enterprise gloo-mesh-envoy image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.4.0 (ubuntu 20.04)
gloo mesh enterprise gloo-mesh-portal-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.4.0 (alpine 3.18.3)
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20230403164233-3e857775086a | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20230403164233-3e857775086a | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20230403164233-3e857775086a | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20230403164233-3e857775086a | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise enterprise-networking image
No scan found
Latest 2.3.x gloo mesh enterprise Release: 2.3.18
gloo mesh enterprise gloo-mesh-mgmt-server image
No scan found
gloo mesh enterprise gloo-mesh-agent image
No scan found
gloo mesh enterprise gloo-mesh-istiod-agent image
No scan found
gloo mesh enterprise gloo-otel-controller image
No scan found
gloo mesh enterprise gloo-mesh-spire-controller image
No scan found
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
No scan found
gloo mesh enterprise gloo-mesh-ui image
No scan found
gloo mesh enterprise gloo-mesh-envoy image
No scan found
gloo mesh enterprise gloo-mesh-portal-server image
No scan found
gloo mesh enterprise enterprise-networking image
No scan found
Release 2.3.17
gloo mesh enterprise gloo-mesh-mgmt-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.17 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.17 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.17 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-otel-controller image
No scan found
gloo mesh enterprise gloo-mesh-spire-controller image
No scan found
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.17 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-ui image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.17 (alpine 3.17.5)
gloo mesh enterprise gloo-mesh-envoy image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.17 (ubuntu 20.04)
gloo mesh enterprise gloo-mesh-portal-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.17 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise enterprise-networking image
No scan found
Release 2.3.16
gloo mesh enterprise gloo-mesh-mgmt-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.16 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.16 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.16 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-otel-controller image
No scan found
gloo mesh enterprise gloo-mesh-spire-controller image
No scan found
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.16 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-ui image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.16 (alpine 3.17.5)
gloo mesh enterprise gloo-mesh-envoy image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.16 (ubuntu 20.04)
gloo mesh enterprise gloo-mesh-portal-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.16 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise enterprise-networking image
No scan found
Release 2.3.15
gloo mesh enterprise gloo-mesh-mgmt-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.15 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.15 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.15 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-otel-controller image
No scan found
gloo mesh enterprise gloo-mesh-spire-controller image
No scan found
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.15 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-ui image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.15 (alpine 3.17.5)
gloo mesh enterprise gloo-mesh-envoy image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.15 (ubuntu 20.04)
gloo mesh enterprise gloo-mesh-portal-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.15 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise enterprise-networking image
No scan found
Release 2.3.14
gloo mesh enterprise gloo-mesh-mgmt-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.14 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.14 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.14 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-otel-controller image
No scan found
gloo mesh enterprise gloo-mesh-spire-controller image
No scan found
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.14 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-ui image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.14 (alpine 3.17.5)
gloo mesh enterprise gloo-mesh-envoy image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.14 (ubuntu 20.04)
gloo mesh enterprise gloo-mesh-portal-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.14 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise enterprise-networking image
No scan found
Release 2.3.13
gloo mesh enterprise gloo-mesh-mgmt-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.13 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.13 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.13 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-otel-controller image
No scan found
gloo mesh enterprise gloo-mesh-spire-controller image
No scan found
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.13 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-ui image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.13 (alpine 3.17.5)
gloo mesh enterprise gloo-mesh-envoy image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.13 (ubuntu 20.04)
gloo mesh enterprise gloo-mesh-portal-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.13 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise enterprise-networking image
No scan found
Release 2.3.12
gloo mesh enterprise gloo-mesh-mgmt-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.12 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.12 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.12 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-otel-controller image
No scan found
gloo mesh enterprise gloo-mesh-spire-controller image
No scan found
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.12 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-ui image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.12 (alpine 3.17.5)
gloo mesh enterprise gloo-mesh-envoy image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.12 (ubuntu 20.04)
gloo mesh enterprise gloo-mesh-portal-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.12 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise enterprise-networking image
No scan found
Release 2.3.11
gloo mesh enterprise gloo-mesh-mgmt-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.11 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.11 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.11 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-otel-controller image
No scan found
gloo mesh enterprise gloo-mesh-spire-controller image
No scan found
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.11 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-ui image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.11 (alpine 3.17.4)
gloo mesh enterprise gloo-mesh-envoy image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.11 (ubuntu 20.04)
gloo mesh enterprise gloo-mesh-portal-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.11 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise enterprise-networking image
No scan found
Release 2.3.10
gloo mesh enterprise gloo-mesh-mgmt-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.10 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.10 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.10 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-otel-controller image
No scan found
gloo mesh enterprise gloo-mesh-spire-controller image
No scan found
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.10 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.18.4, 1.17.7, 1.16.11 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.10 (alpine 3.17.4)
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.10 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
gloo mesh enterprise gloo-mesh-portal-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.10 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise enterprise-networking image
No scan found
Release 2.3.9
gloo mesh enterprise gloo-mesh-mgmt-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.9 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.9 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.9 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-otel-controller image
No scan found
gloo mesh enterprise gloo-mesh-spire-controller image
No scan found
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.9 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.18.4, 1.17.7, 1.16.11 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.9 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.9 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
gloo mesh enterprise gloo-mesh-portal-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.9 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise enterprise-networking image
No scan found
Release 2.3.8
gloo mesh enterprise gloo-mesh-mgmt-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.8 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.8 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.8 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-otel-controller image
No scan found
gloo mesh enterprise gloo-mesh-spire-controller image
No scan found
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.8 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.18.4, 1.17.7, 1.16.11 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.8 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.8 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
gloo mesh enterprise gloo-mesh-portal-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.8 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise enterprise-networking image
No scan found
Release 2.3.7
gloo mesh enterprise gloo-mesh-mgmt-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.7 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.7 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.7 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-otel-controller image
No scan found
gloo mesh enterprise gloo-mesh-spire-controller image
No scan found
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.7 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.18.4, 1.17.7, 1.16.11 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.7 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.7 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
gloo mesh enterprise gloo-mesh-portal-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.7 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise enterprise-networking image
No scan found
Release 2.3.6
gloo mesh enterprise gloo-mesh-mgmt-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.6 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.6 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.6 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-otel-controller image
No scan found
gloo mesh enterprise gloo-mesh-spire-controller image
No scan found
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.6 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.18.4, 1.17.7, 1.16.11 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.6 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.6 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
gloo mesh enterprise gloo-mesh-portal-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.6 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise enterprise-networking image
No scan found
Release 2.3.5
gloo mesh enterprise gloo-mesh-mgmt-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.5 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.5 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.5 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-otel-controller image
No scan found
gloo mesh enterprise gloo-mesh-spire-controller image
No scan found
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.5 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.18.4, 1.17.7, 1.16.11 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.5 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.5 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
gloo mesh enterprise gloo-mesh-portal-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.5 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise enterprise-networking image
No scan found
Release 2.3.4
gloo mesh enterprise gloo-mesh-mgmt-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.4 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.4 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.4 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-otel-controller image
No scan found
gloo mesh enterprise gloo-mesh-spire-controller image
No scan found
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.4 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.18.4, 1.17.7, 1.16.11 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.4 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.4 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
gloo mesh enterprise gloo-mesh-portal-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.4 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise enterprise-networking image
No scan found
Release 2.3.3
gloo mesh enterprise gloo-mesh-mgmt-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.3 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.3 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.3 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-otel-controller image
No scan found
gloo mesh enterprise gloo-mesh-spire-controller image
No scan found
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.3 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.18.4, 1.17.7, 1.16.11 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.3 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.3 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
gloo mesh enterprise gloo-mesh-portal-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.3 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise enterprise-networking image
No scan found
Release 2.3.2
gloo mesh enterprise gloo-mesh-mgmt-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.2 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.2 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.2 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-otel-controller image
No scan found
gloo mesh enterprise gloo-mesh-spire-controller image
No scan found
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.2 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.18.4, 1.17.7, 1.16.11 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.2 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.2 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
gloo mesh enterprise gloo-mesh-portal-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.2 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise enterprise-networking image
No scan found
Release 2.3.1
gloo mesh enterprise gloo-mesh-mgmt-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.1 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.1 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.1 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-otel-controller image
No scan found
gloo mesh enterprise gloo-mesh-spire-controller image
No scan found
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.1 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.18.4, 1.17.7, 1.16.11 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.1 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.1 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
gloo mesh enterprise gloo-mesh-portal-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.1 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise enterprise-networking image
No scan found
Release 2.3.0
gloo mesh enterprise gloo-mesh-mgmt-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.3.0 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.3.0 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.3.0 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-otel-controller image
No scan found
gloo mesh enterprise gloo-mesh-spire-controller image
No scan found
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.3.0 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.12.3 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.18.4, 1.17.7, 1.16.11 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.3.0 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.3.0 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
gloo mesh enterprise gloo-mesh-portal-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-portal-server:2.3.0 (alpine 3.17.1)
Vulnerabilities Listed for usr/local/bin/portal-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20221208171804-952b2e8bc4b0 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise enterprise-networking image
No scan found
Latest 2.2.x gloo mesh enterprise Release: 2.2.9
gloo mesh enterprise gloo-mesh-mgmt-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.2.9 (alpine 3.16.2)
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v2.8.1+incompatible | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2023-28840 | github.com/docker/docker | HIGH | v20.10.16+incompatible | 20.10.24, 23.0.3 | https://avd.aquasec.com/nvd/cve-2023-28840 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.5.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.2.9 (alpine 3.16.2)
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v2.8.1+incompatible | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2023-28840 | github.com/docker/docker | HIGH | v20.10.16+incompatible | 20.10.24, 23.0.3 | https://avd.aquasec.com/nvd/cve-2023-28840 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.5.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.2.9 (alpine 3.16.2)
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.5.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-otel-controller image
No scan found
gloo mesh enterprise gloo-mesh-spire-controller image
No scan found
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.2.9 (alpine 3.16.2)
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v2.8.1+incompatible | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2023-28840 | github.com/docker/docker | HIGH | v20.10.16+incompatible | 20.10.24, 23.0.3 | https://avd.aquasec.com/nvd/cve-2023-28840 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.5.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.2.9 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
gloo mesh enterprise gloo-mesh-envoy image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.2.9 (ubuntu 20.04)
gloo mesh enterprise gloo-mesh-portal-server image
No scan found
gloo mesh enterprise enterprise-networking image
No scan found
Release 2.2.8
gloo mesh enterprise gloo-mesh-mgmt-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.2.8 (alpine 3.16.2)
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v2.8.1+incompatible | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2023-28840 | github.com/docker/docker | HIGH | v20.10.16+incompatible | 20.10.24, 23.0.3 | https://avd.aquasec.com/nvd/cve-2023-28840 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.5.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.2.8 (alpine 3.16.2)
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v2.8.1+incompatible | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2023-28840 | github.com/docker/docker | HIGH | v20.10.16+incompatible | 20.10.24, 23.0.3 | https://avd.aquasec.com/nvd/cve-2023-28840 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.5.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.2.8 (alpine 3.16.2)
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.5.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-otel-controller image
No scan found
gloo mesh enterprise gloo-mesh-spire-controller image
No scan found
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.2.8 (alpine 3.16.2)
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v2.8.1+incompatible | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2023-28840 | github.com/docker/docker | HIGH | v20.10.16+incompatible | 20.10.24, 23.0.3 | https://avd.aquasec.com/nvd/cve-2023-28840 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.5.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.2.8 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
gloo mesh enterprise gloo-mesh-envoy image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.2.8 (ubuntu 20.04)
gloo mesh enterprise gloo-mesh-portal-server image
No scan found
gloo mesh enterprise enterprise-networking image
No scan found
Release 2.2.7
gloo mesh enterprise gloo-mesh-mgmt-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.2.7 (alpine 3.16.2)
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v2.8.1+incompatible | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2023-28840 | github.com/docker/docker | HIGH | v20.10.16+incompatible | 20.10.24, 23.0.3 | https://avd.aquasec.com/nvd/cve-2023-28840 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.5.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.2.7 (alpine 3.16.2)
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v2.8.1+incompatible | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2023-28840 | github.com/docker/docker | HIGH | v20.10.16+incompatible | 20.10.24, 23.0.3 | https://avd.aquasec.com/nvd/cve-2023-28840 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.5.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.2.7 (alpine 3.16.2)
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.5.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-otel-controller image
No scan found
gloo mesh enterprise gloo-mesh-spire-controller image
No scan found
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.2.7 (alpine 3.16.2)
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v2.8.1+incompatible | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2023-28840 | github.com/docker/docker | HIGH | v20.10.16+incompatible | 20.10.24, 23.0.3 | https://avd.aquasec.com/nvd/cve-2023-28840 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.5.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.2.7 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
gloo mesh enterprise gloo-mesh-envoy image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.2.7 (ubuntu 20.04)
gloo mesh enterprise gloo-mesh-portal-server image
No scan found
gloo mesh enterprise enterprise-networking image
No scan found
Release 2.2.6
gloo mesh enterprise gloo-mesh-mgmt-server image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.2.6 (alpine 3.16.2)
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v2.8.1+incompatible | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2023-28840 | github.com/docker/docker | HIGH | v20.10.16+incompatible | 20.10.24, 23.0.3 | https://avd.aquasec.com/nvd/cve-2023-28840 |
| CVE-2022-37315 | github.com/graphql-go/graphql | HIGH | v0.8.0 | 0.8.1 | https://avd.aquasec.com/nvd/cve-2022-37315 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.5.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-agent:2.2.6 (alpine 3.16.2)
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v2.8.1+incompatible | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2023-28840 | github.com/docker/docker | HIGH | v20.10.16+incompatible | 20.10.24, 23.0.3 | https://avd.aquasec.com/nvd/cve-2023-28840 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.5.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-istiod-agent image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.2.6 (alpine 3.16.2)
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.5.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-otel-controller image
No scan found
gloo mesh enterprise gloo-mesh-spire-controller image
No scan found
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.2.6 (alpine 3.16.2)
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v2.8.1+incompatible | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2023-28840 | github.com/docker/docker | HIGH | v20.10.16+incompatible | 20.10.24, 23.0.3 | https://avd.aquasec.com/nvd/cve-2023-28840 |
| CVE-2022-37315 | github.com/graphql-go/graphql | HIGH | v0.8.0 | 0.8.1 | https://avd.aquasec.com/nvd/cve-2022-37315 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.5.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220606160615-c6abaf5e5fd6 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.2.6 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
gloo mesh enterprise gloo-mesh-envoy image
No Vulnerabilities Found for gcr.io/gloo-mesh/gloo-mesh-envoy:2.2.6 (ubuntu 20.04)
gloo mesh enterprise gloo-mesh-portal-server image
No scan found
gloo mesh enterprise enterprise-networking image
No scan found
Release 2.2.5
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.2.5 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1t-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1t-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2022-37315 | github.com/graphql-go/graphql | HIGH | v0.8.0 | 0.8.1 | https://avd.aquasec.com/nvd/cve-2022-37315 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.5.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.2.5 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1t-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1t-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.5.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.2.5 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1t-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1t-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.5.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-otel-controller image
No scan found
gloo mesh enterprise gloo-mesh-spire-controller image
No scan found
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.2.5 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1t-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1t-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2022-37315 | github.com/graphql-go/graphql | HIGH | v0.8.0 | 0.8.1 | https://avd.aquasec.com/nvd/cve-2022-37315 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.5.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.18.4, 1.17.7, 1.16.11 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.2.5 (alpine 3.17.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.2.5 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
gloo mesh enterprise gloo-mesh-portal-server image
No scan found
gloo mesh enterprise enterprise-networking image
No scan found
Release 2.2.4
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.2.4 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1t-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1t-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2022-37315 | github.com/graphql-go/graphql | HIGH | v0.8.0 | 0.8.1 | https://avd.aquasec.com/nvd/cve-2022-37315 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.5.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.2.4 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1t-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1t-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.5.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.2.4 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1t-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1t-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.5.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-otel-controller image
No scan found
gloo mesh enterprise gloo-mesh-spire-controller image
No scan found
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.2.4 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1t-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1t-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2022-37315 | github.com/graphql-go/graphql | HIGH | v0.8.0 | 0.8.1 | https://avd.aquasec.com/nvd/cve-2022-37315 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.5.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.18.4, 1.17.7, 1.16.11 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.2.4 (alpine 3.17.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0216 | libcrypto3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0216 |
| CVE-2023-0217 | libcrypto3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0217 |
| CVE-2023-0286 | libcrypto3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0401 | libcrypto3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0401 |
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.7-r2 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0216 | libssl3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0216 |
| CVE-2023-0217 | libssl3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0217 |
| CVE-2023-0286 | libssl3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0401 | libssl3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0401 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.7-r2 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.2.4 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
gloo mesh enterprise gloo-mesh-portal-server image
No scan found
gloo mesh enterprise enterprise-networking image
No scan found
Release 2.2.3
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.2.3 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1t-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1t-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2022-37315 | github.com/graphql-go/graphql | HIGH | v0.8.0 | 0.8.1 | https://avd.aquasec.com/nvd/cve-2022-37315 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.5.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.2.3 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1t-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1t-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.5.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.2.3 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1t-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1t-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.5.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-otel-controller image
No scan found
gloo mesh enterprise gloo-mesh-spire-controller image
No scan found
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.2.3 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1t-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1t-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2022-37315 | github.com/graphql-go/graphql | HIGH | v0.8.0 | 0.8.1 | https://avd.aquasec.com/nvd/cve-2022-37315 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.5.0 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.18.4, 1.17.7, 1.16.11 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.2.3 (alpine 3.17.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0216 | libcrypto3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0216 |
| CVE-2023-0217 | libcrypto3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0217 |
| CVE-2023-0286 | libcrypto3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0401 | libcrypto3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0401 |
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.7-r2 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0216 | libssl3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0216 |
| CVE-2023-0217 | libssl3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0217 |
| CVE-2023-0286 | libssl3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0401 | libssl3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0401 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.7-r2 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.2.3 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
gloo mesh enterprise gloo-mesh-portal-server image
No scan found
gloo mesh enterprise enterprise-networking image
No scan found
Release 2.2.2
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.2.2 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2022-37315 | github.com/graphql-go/graphql | HIGH | v0.8.0 | 0.8.1 | https://avd.aquasec.com/nvd/cve-2022-37315 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.2.2 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.2.2 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-otel-controller image
No scan found
gloo mesh enterprise gloo-mesh-spire-controller image
No scan found
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.2.2 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2022-37315 | github.com/graphql-go/graphql | HIGH | v0.8.0 | 0.8.1 | https://avd.aquasec.com/nvd/cve-2022-37315 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.18.4, 1.17.7, 1.16.11 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.2.2 (alpine 3.17.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0216 | libcrypto3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0216 |
| CVE-2023-0217 | libcrypto3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0217 |
| CVE-2023-0286 | libcrypto3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0401 | libcrypto3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0401 |
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.7-r2 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0216 | libssl3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0216 |
| CVE-2023-0217 | libssl3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0217 |
| CVE-2023-0286 | libssl3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0401 | libssl3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0401 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.7-r2 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.2.2 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
gloo mesh enterprise gloo-mesh-portal-server image
No scan found
gloo mesh enterprise enterprise-networking image
No scan found
Release 2.2.1
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.2.1 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2022-37315 | github.com/graphql-go/graphql | HIGH | v0.8.0 | 0.8.1 | https://avd.aquasec.com/nvd/cve-2022-37315 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.2.1 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.2.1 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-otel-controller image
No scan found
gloo mesh enterprise gloo-mesh-spire-controller image
No scan found
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.2.1 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2022-37315 | github.com/graphql-go/graphql | HIGH | v0.8.0 | 0.8.1 | https://avd.aquasec.com/nvd/cve-2022-37315 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.18.4, 1.17.7, 1.16.11 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.2.1 (alpine 3.17.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0216 | libcrypto3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0216 |
| CVE-2023-0217 | libcrypto3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0217 |
| CVE-2023-0286 | libcrypto3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0401 | libcrypto3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0401 |
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.7-r2 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0216 | libssl3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0216 |
| CVE-2023-0217 | libssl3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0217 |
| CVE-2023-0286 | libssl3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0401 | libssl3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0401 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.7-r2 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.2.1 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
gloo mesh enterprise gloo-mesh-portal-server image
No scan found
gloo mesh enterprise enterprise-networking image
No scan found
Release 2.2.0
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.2.0 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2022-37315 | github.com/graphql-go/graphql | HIGH | v0.8.0 | 0.8.1 | https://avd.aquasec.com/nvd/cve-2022-37315 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.2.0 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.2.0 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-otel-controller image
No scan found
gloo mesh enterprise gloo-mesh-spire-controller image
No scan found
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.2.0 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2022-37315 | github.com/graphql-go/graphql | HIGH | v0.8.0 | 0.8.1 | https://avd.aquasec.com/nvd/cve-2022-37315 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.2 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.18.4, 1.17.7, 1.16.11 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.2.0 (alpine 3.16.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-23914 | curl | CRITICAL | 7.83.1-r4 | 7.83.1-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
| CVE-2022-43551 | curl | HIGH | 7.83.1-r4 | 7.83.1-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
| CVE-2023-27533 | curl | HIGH | 7.83.1-r4 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
| CVE-2023-27534 | curl | HIGH | 7.83.1-r4 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
| CVE-2023-28319 | curl | HIGH | 7.83.1-r4 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
| CVE-2023-38039 | curl | HIGH | 7.83.1-r4 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-23914 | libcurl | CRITICAL | 7.83.1-r4 | 7.83.1-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
| CVE-2022-43551 | libcurl | HIGH | 7.83.1-r4 | 7.83.1-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
| CVE-2023-27533 | libcurl | HIGH | 7.83.1-r4 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
| CVE-2023-27534 | libcurl | HIGH | 7.83.1-r4 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
| CVE-2023-28319 | libcurl | HIGH | 7.83.1-r4 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
| CVE-2023-38039 | libcurl | HIGH | 7.83.1-r4 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-1999 | libwebp | HIGH | 1.2.3-r0 | 1.2.3-r1 | https://avd.aquasec.com/nvd/cve-2023-1999 |
| CVE-2023-4863 | libwebp | HIGH | 1.2.3-r0 | 1.2.3-r2 | https://avd.aquasec.com/nvd/cve-2023-4863 |
| CVE-2023-29491 | ncurses-libs | HIGH | 6.3_p20220521-r0 | 6.3_p20220521-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
| CVE-2023-29491 | ncurses-terminfo-base | HIGH | 6.3_p20220521-r0 | 6.3_p20220521-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
| CVE-2023-35945 | nghttp2-libs | HIGH | 1.47.0-r0 | 1.47.0-r1 | https://avd.aquasec.com/nvd/cve-2023-35945 |
| CVE-2022-41409 | pcre2 | HIGH | 10.40-r0 | 10.42-r0 | https://avd.aquasec.com/nvd/cve-2022-41409 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.2.0 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
gloo mesh enterprise gloo-mesh-portal-server image
No scan found
gloo mesh enterprise enterprise-networking image
No scan found
Latest 2.1.x gloo mesh enterprise Release: 2.1.5
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.1.5 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2022-37315 | github.com/graphql-go/graphql | HIGH | v0.8.0 | 0.8.1 | https://avd.aquasec.com/nvd/cve-2022-37315 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.1 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.1.5 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.1 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.1.5 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-otel-controller image
No scan found
gloo mesh enterprise gloo-mesh-spire-controller image
No scan found
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.1.5 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2022-37315 | github.com/graphql-go/graphql | HIGH | v0.8.0 | 0.8.1 | https://avd.aquasec.com/nvd/cve-2022-37315 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.1 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.18.4, 1.17.7, 1.16.11 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.1.5 (alpine 3.17.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0216 | libcrypto3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0216 |
| CVE-2023-0217 | libcrypto3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0217 |
| CVE-2023-0286 | libcrypto3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0401 | libcrypto3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0401 |
| CVE-2023-0464 | libcrypto3 | HIGH | 3.0.7-r2 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0216 | libssl3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0216 |
| CVE-2023-0217 | libssl3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0217 |
| CVE-2023-0286 | libssl3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0401 | libssl3 | HIGH | 3.0.7-r2 | 3.0.8-r0 | https://avd.aquasec.com/nvd/cve-2023-0401 |
| CVE-2023-0464 | libssl3 | HIGH | 3.0.7-r2 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.1.5 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
gloo mesh enterprise gloo-mesh-portal-server image
No scan found
gloo mesh enterprise enterprise-networking image
No scan found
Release 2.1.4
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.1.4 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2022-37315 | github.com/graphql-go/graphql | HIGH | v0.8.0 | 0.8.1 | https://avd.aquasec.com/nvd/cve-2022-37315 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.1 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.1.4 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.1 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.1.4 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-otel-controller image
No scan found
gloo mesh enterprise gloo-mesh-spire-controller image
No scan found
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.1.4 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2022-37315 | github.com/graphql-go/graphql | HIGH | v0.8.0 | 0.8.1 | https://avd.aquasec.com/nvd/cve-2022-37315 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.1 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.18.4, 1.17.7, 1.16.11 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.1.4 (alpine 3.16.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-23914 | curl | CRITICAL | 7.83.1-r4 | 7.83.1-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
| CVE-2022-43551 | curl | HIGH | 7.83.1-r4 | 7.83.1-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
| CVE-2023-27533 | curl | HIGH | 7.83.1-r4 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
| CVE-2023-27534 | curl | HIGH | 7.83.1-r4 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
| CVE-2023-28319 | curl | HIGH | 7.83.1-r4 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
| CVE-2023-38039 | curl | HIGH | 7.83.1-r4 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-23914 | libcurl | CRITICAL | 7.83.1-r4 | 7.83.1-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
| CVE-2022-43551 | libcurl | HIGH | 7.83.1-r4 | 7.83.1-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
| CVE-2023-27533 | libcurl | HIGH | 7.83.1-r4 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
| CVE-2023-27534 | libcurl | HIGH | 7.83.1-r4 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
| CVE-2023-28319 | libcurl | HIGH | 7.83.1-r4 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
| CVE-2023-38039 | libcurl | HIGH | 7.83.1-r4 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-1999 | libwebp | HIGH | 1.2.3-r0 | 1.2.3-r1 | https://avd.aquasec.com/nvd/cve-2023-1999 |
| CVE-2023-4863 | libwebp | HIGH | 1.2.3-r0 | 1.2.3-r2 | https://avd.aquasec.com/nvd/cve-2023-4863 |
| CVE-2023-29491 | ncurses-libs | HIGH | 6.3_p20220521-r0 | 6.3_p20220521-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
| CVE-2023-29491 | ncurses-terminfo-base | HIGH | 6.3_p20220521-r0 | 6.3_p20220521-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
| CVE-2023-35945 | nghttp2-libs | HIGH | 1.47.0-r0 | 1.47.0-r1 | https://avd.aquasec.com/nvd/cve-2023-35945 |
| CVE-2022-41409 | pcre2 | HIGH | 10.40-r0 | 10.42-r0 | https://avd.aquasec.com/nvd/cve-2022-41409 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.1.4 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
gloo mesh enterprise gloo-mesh-portal-server image
No scan found
gloo mesh enterprise enterprise-networking image
No scan found
Release 2.1.3
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.1.3 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2022-37315 | github.com/graphql-go/graphql | HIGH | v0.8.0 | 0.8.1 | https://avd.aquasec.com/nvd/cve-2022-37315 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.1 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.1.3 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.1 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.1.3 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-otel-controller image
No scan found
gloo mesh enterprise gloo-mesh-spire-controller image
No scan found
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.1.3 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2022-37315 | github.com/graphql-go/graphql | HIGH | v0.8.0 | 0.8.1 | https://avd.aquasec.com/nvd/cve-2022-37315 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.1 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.18.4, 1.17.7, 1.16.11 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.1.3 (alpine 3.16.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-23914 | curl | CRITICAL | 7.83.1-r4 | 7.83.1-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
| CVE-2022-43551 | curl | HIGH | 7.83.1-r4 | 7.83.1-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
| CVE-2023-27533 | curl | HIGH | 7.83.1-r4 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
| CVE-2023-27534 | curl | HIGH | 7.83.1-r4 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
| CVE-2023-28319 | curl | HIGH | 7.83.1-r4 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
| CVE-2023-38039 | curl | HIGH | 7.83.1-r4 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-23914 | libcurl | CRITICAL | 7.83.1-r4 | 7.83.1-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
| CVE-2022-43551 | libcurl | HIGH | 7.83.1-r4 | 7.83.1-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
| CVE-2023-27533 | libcurl | HIGH | 7.83.1-r4 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
| CVE-2023-27534 | libcurl | HIGH | 7.83.1-r4 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
| CVE-2023-28319 | libcurl | HIGH | 7.83.1-r4 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
| CVE-2023-38039 | libcurl | HIGH | 7.83.1-r4 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-1999 | libwebp | HIGH | 1.2.3-r0 | 1.2.3-r1 | https://avd.aquasec.com/nvd/cve-2023-1999 |
| CVE-2023-4863 | libwebp | HIGH | 1.2.3-r0 | 1.2.3-r2 | https://avd.aquasec.com/nvd/cve-2023-4863 |
| CVE-2023-29491 | ncurses-libs | HIGH | 6.3_p20220521-r0 | 6.3_p20220521-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
| CVE-2023-29491 | ncurses-terminfo-base | HIGH | 6.3_p20220521-r0 | 6.3_p20220521-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
| CVE-2023-35945 | nghttp2-libs | HIGH | 1.47.0-r0 | 1.47.0-r1 | https://avd.aquasec.com/nvd/cve-2023-35945 |
| CVE-2022-41409 | pcre2 | HIGH | 10.40-r0 | 10.42-r0 | https://avd.aquasec.com/nvd/cve-2022-41409 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.1.3 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
gloo mesh enterprise gloo-mesh-portal-server image
No scan found
gloo mesh enterprise enterprise-networking image
No scan found
Release 2.1.2
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.1.2 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2022-37315 | github.com/graphql-go/graphql | HIGH | v0.8.0 | 0.8.1 | https://avd.aquasec.com/nvd/cve-2022-37315 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.1 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.1.2 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.1 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.1.2 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-otel-controller image
No scan found
gloo mesh enterprise gloo-mesh-spire-controller image
No scan found
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.1.2 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2022-37315 | github.com/graphql-go/graphql | HIGH | v0.8.0 | 0.8.1 | https://avd.aquasec.com/nvd/cve-2022-37315 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.1 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.18.4, 1.17.7, 1.16.11 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.1.2 (alpine 3.16.3)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-23914 | curl | CRITICAL | 7.83.1-r4 | 7.83.1-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
| CVE-2022-43551 | curl | HIGH | 7.83.1-r4 | 7.83.1-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
| CVE-2023-27533 | curl | HIGH | 7.83.1-r4 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
| CVE-2023-27534 | curl | HIGH | 7.83.1-r4 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
| CVE-2023-28319 | curl | HIGH | 7.83.1-r4 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
| CVE-2023-38039 | curl | HIGH | 7.83.1-r4 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-23914 | libcurl | CRITICAL | 7.83.1-r4 | 7.83.1-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
| CVE-2022-43551 | libcurl | HIGH | 7.83.1-r4 | 7.83.1-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
| CVE-2023-27533 | libcurl | HIGH | 7.83.1-r4 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
| CVE-2023-27534 | libcurl | HIGH | 7.83.1-r4 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
| CVE-2023-28319 | libcurl | HIGH | 7.83.1-r4 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
| CVE-2023-38039 | libcurl | HIGH | 7.83.1-r4 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-1999 | libwebp | HIGH | 1.2.3-r0 | 1.2.3-r1 | https://avd.aquasec.com/nvd/cve-2023-1999 |
| CVE-2023-4863 | libwebp | HIGH | 1.2.3-r0 | 1.2.3-r2 | https://avd.aquasec.com/nvd/cve-2023-4863 |
| CVE-2023-29491 | ncurses-libs | HIGH | 6.3_p20220521-r0 | 6.3_p20220521-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
| CVE-2023-29491 | ncurses-terminfo-base | HIGH | 6.3_p20220521-r0 | 6.3_p20220521-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
| CVE-2023-35945 | nghttp2-libs | HIGH | 1.47.0-r0 | 1.47.0-r1 | https://avd.aquasec.com/nvd/cve-2023-35945 |
| CVE-2022-41409 | pcre2 | HIGH | 10.40-r0 | 10.42-r0 | https://avd.aquasec.com/nvd/cve-2022-41409 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.1.2 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
gloo mesh enterprise gloo-mesh-portal-server image
No scan found
gloo mesh enterprise enterprise-networking image
No scan found
Release 2.1.1
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.1.1 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2022-37315 | github.com/graphql-go/graphql | HIGH | v0.8.0 | 0.8.1 | https://avd.aquasec.com/nvd/cve-2022-37315 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.1 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.1.1 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.1 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.1.1 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-otel-controller image
No scan found
gloo mesh enterprise gloo-mesh-spire-controller image
No scan found
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.1.1 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2022-37315 | github.com/graphql-go/graphql | HIGH | v0.8.0 | 0.8.1 | https://avd.aquasec.com/nvd/cve-2022-37315 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.1 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.18.4, 1.17.7, 1.16.11 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.1.1 (alpine 3.16.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-32221 | curl | CRITICAL | 7.83.1-r2 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-32221 |
| CVE-2023-23914 | curl | CRITICAL | 7.83.1-r2 | 7.83.1-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
| CVE-2022-42915 | curl | HIGH | 7.83.1-r2 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-42915 |
| CVE-2022-42916 | curl | HIGH | 7.83.1-r2 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-42916 |
| CVE-2022-43551 | curl | HIGH | 7.83.1-r2 | 7.83.1-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
| CVE-2023-27533 | curl | HIGH | 7.83.1-r2 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
| CVE-2023-27534 | curl | HIGH | 7.83.1-r2 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
| CVE-2023-28319 | curl | HIGH | 7.83.1-r2 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
| CVE-2023-38039 | curl | HIGH | 7.83.1-r2 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-32221 | libcurl | CRITICAL | 7.83.1-r2 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-32221 |
| CVE-2023-23914 | libcurl | CRITICAL | 7.83.1-r2 | 7.83.1-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
| CVE-2022-42915 | libcurl | HIGH | 7.83.1-r2 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-42915 |
| CVE-2022-42916 | libcurl | HIGH | 7.83.1-r2 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-42916 |
| CVE-2022-43551 | libcurl | HIGH | 7.83.1-r2 | 7.83.1-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
| CVE-2023-27533 | libcurl | HIGH | 7.83.1-r2 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
| CVE-2023-27534 | libcurl | HIGH | 7.83.1-r2 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
| CVE-2023-28319 | libcurl | HIGH | 7.83.1-r2 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
| CVE-2023-38039 | libcurl | HIGH | 7.83.1-r2 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-1999 | libwebp | HIGH | 1.2.3-r0 | 1.2.3-r1 | https://avd.aquasec.com/nvd/cve-2023-1999 |
| CVE-2023-4863 | libwebp | HIGH | 1.2.3-r0 | 1.2.3-r2 | https://avd.aquasec.com/nvd/cve-2023-4863 |
| CVE-2022-2309 | libxml2 | HIGH | 2.9.14-r0 | 2.9.14-r1 | https://avd.aquasec.com/nvd/cve-2022-2309 |
| CVE-2022-40303 | libxml2 | HIGH | 2.9.14-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40303 |
| CVE-2022-40304 | libxml2 | HIGH | 2.9.14-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40304 |
| CVE-2023-29491 | ncurses-libs | HIGH | 6.3_p20220521-r0 | 6.3_p20220521-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
| CVE-2023-29491 | ncurses-terminfo-base | HIGH | 6.3_p20220521-r0 | 6.3_p20220521-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
| CVE-2023-35945 | nghttp2-libs | HIGH | 1.47.0-r0 | 1.47.0-r1 | https://avd.aquasec.com/nvd/cve-2023-35945 |
| CVE-2022-41409 | pcre2 | HIGH | 10.40-r0 | 10.42-r0 | https://avd.aquasec.com/nvd/cve-2022-41409 |
| CVE-2022-37434 | zlib | CRITICAL | 1.2.12-r1 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.1.1 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
gloo mesh enterprise gloo-mesh-portal-server image
No scan found
gloo mesh enterprise enterprise-networking image
No scan found
Release 2.1.0
gloo mesh enterprise gloo-mesh-mgmt-server image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-mgmt-server:2.1.0 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/mgmt-server-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2022-37315 | github.com/graphql-go/graphql | HIGH | v0.8.0 | 0.8.1 | https://avd.aquasec.com/nvd/cve-2022-37315 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.1 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-agent:2.1.0 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.1 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-mesh-istiod-agent image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-istiod-agent:2.1.0 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/istiod-agent-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
gloo mesh enterprise gloo-otel-controller image
No scan found
gloo mesh enterprise gloo-mesh-spire-controller image
No scan found
gloo mesh enterprise rbac-webhook image
No scan found
gloo mesh enterprise enterprise-agent image
No scan found
gloo mesh enterprise gloo-mesh-apiserver image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-apiserver:2.1.0 (alpine 3.16.2)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for usr/local/bin/apiserver-linux-amd64
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-29002 | github.com/cilium/cilium | HIGH | v1.11.5 | 1.11.16, 1.12.9, 1.13.2 | https://avd.aquasec.com/nvd/cve-2023-29002 |
| CVE-2021-21272 | github.com/deislabs/oras | HIGH | v0.8.1 | 0.9.0 | https://avd.aquasec.com/nvd/cve-2021-21272 |
| CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
| CVE-2017-11468 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.7.0-rc.0 | https://avd.aquasec.com/nvd/cve-2017-11468 |
| CVE-2023-2253 | github.com/docker/distribution | HIGH | v0.0.0-20191216044856-a8371794149d | 2.8.2-beta.1 | https://avd.aquasec.com/nvd/cve-2023-2253 |
| CVE-2022-37315 | github.com/graphql-go/graphql | HIGH | v0.8.0 | 0.8.1 | https://avd.aquasec.com/nvd/cve-2022-37315 |
| CVE-2014-9356 | github.com/moby/moby | HIGH | v0.7.3-0.20190826074503-38ab9da00309 | 1.3.3 | https://avd.aquasec.com/nvd/cve-2014-9356 |
| CVE-2023-27561 | github.com/opencontainers/runc | HIGH | v1.1.1 | 1.1.5 | https://avd.aquasec.com/nvd/cve-2023-27561 |
| CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
| CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
| CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220722155237-a158d28d115b | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
| CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
| CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
| CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
| CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
| CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20220516185659-202e88863858 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
| CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.18.4, 1.17.7, 1.16.11 | https://avd.aquasec.com/nvd/cve-2020-8558 |
| CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.13.0 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
gloo mesh enterprise gloo-mesh-ui image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-ui:2.1.0 (alpine 3.16.1)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2022-32221 | curl | CRITICAL | 7.83.1-r2 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-32221 |
| CVE-2023-23914 | curl | CRITICAL | 7.83.1-r2 | 7.83.1-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
| CVE-2022-42915 | curl | HIGH | 7.83.1-r2 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-42915 |
| CVE-2022-42916 | curl | HIGH | 7.83.1-r2 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-42916 |
| CVE-2022-43551 | curl | HIGH | 7.83.1-r2 | 7.83.1-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
| CVE-2023-27533 | curl | HIGH | 7.83.1-r2 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
| CVE-2023-27534 | curl | HIGH | 7.83.1-r2 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
| CVE-2023-28319 | curl | HIGH | 7.83.1-r2 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
| CVE-2023-38039 | curl | HIGH | 7.83.1-r2 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
| CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2022-32221 | libcurl | CRITICAL | 7.83.1-r2 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-32221 |
| CVE-2023-23914 | libcurl | CRITICAL | 7.83.1-r2 | 7.83.1-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
| CVE-2022-42915 | libcurl | HIGH | 7.83.1-r2 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-42915 |
| CVE-2022-42916 | libcurl | HIGH | 7.83.1-r2 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-42916 |
| CVE-2022-43551 | libcurl | HIGH | 7.83.1-r2 | 7.83.1-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
| CVE-2023-27533 | libcurl | HIGH | 7.83.1-r2 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
| CVE-2023-27534 | libcurl | HIGH | 7.83.1-r2 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
| CVE-2023-28319 | libcurl | HIGH | 7.83.1-r2 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
| CVE-2023-38039 | libcurl | HIGH | 7.83.1-r2 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
| CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
| CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
| CVE-2023-1999 | libwebp | HIGH | 1.2.3-r0 | 1.2.3-r1 | https://avd.aquasec.com/nvd/cve-2023-1999 |
| CVE-2023-4863 | libwebp | HIGH | 1.2.3-r0 | 1.2.3-r2 | https://avd.aquasec.com/nvd/cve-2023-4863 |
| CVE-2022-2309 | libxml2 | HIGH | 2.9.14-r0 | 2.9.14-r1 | https://avd.aquasec.com/nvd/cve-2022-2309 |
| CVE-2022-40303 | libxml2 | HIGH | 2.9.14-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40303 |
| CVE-2022-40304 | libxml2 | HIGH | 2.9.14-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40304 |
| CVE-2023-29491 | ncurses-libs | HIGH | 6.3_p20220521-r0 | 6.3_p20220521-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
| CVE-2023-29491 | ncurses-terminfo-base | HIGH | 6.3_p20220521-r0 | 6.3_p20220521-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
| CVE-2023-35945 | nghttp2-libs | HIGH | 1.47.0-r0 | 1.47.0-r1 | https://avd.aquasec.com/nvd/cve-2023-35945 |
| CVE-2022-41409 | pcre2 | HIGH | 10.40-r0 | 10.42-r0 | https://avd.aquasec.com/nvd/cve-2022-41409 |
| CVE-2022-37434 | zlib | CRITICAL | 1.2.12-r1 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
gloo mesh enterprise gloo-mesh-envoy image
Vulnerabilities Listed for gcr.io/gloo-mesh/gloo-mesh-envoy:2.1.0 (ubuntu 18.04)
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
| CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
gloo mesh enterprise gloo-mesh-portal-server image
No scan found
gloo mesh enterprise enterprise-networking image
No scan found