Security Updates
Portal container images are scanned using Trivy for HIGH and CRITICAL vulnerabilities.
Latest 1.1.x Gloo Portal Release: v1.1.2
Gloo Portal gloo-portal-controller image
No scan found
Gloo Portal gloo-portal-admin-envoy image
No scan found
Gloo Portal gloo-portal-admin-server image
No scan found
Gloo Portal gloo-portal-admin-ui image
No scan found
Release v1.1.1
Gloo Portal gloo-portal-controller image
No scan found
Gloo Portal gloo-portal-admin-envoy image
No scan found
Gloo Portal gloo-portal-admin-server image
No scan found
Gloo Portal gloo-portal-admin-ui image
No scan found
Release v1.1.0
Gloo Portal gloo-portal-controller image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-controller:1.1.0 (alpine 3.14.2) No Vulnerabilities Found for package-lock.json Vulnerability ID|Package|Severity|Installed Version|Fixed Version|Reference —|—|—|—|—|— CVE-2019-12995|istio.io/istio|HIGH|v0.0.0-20210423173126-13fb8ac89420|v1.2.2|https://avd.aquasec.com/nvd/cve-2019-12995 CVE-2019-14993|istio.io/istio|HIGH|v0.0.0-20210423173126-13fb8ac89420|v1.2.4|https://avd.aquasec.com/nvd/cve-2019-14993 CVE-2020-8558|k8s.io/kubernetes|HIGH|v1.18.2|1.16.11, 1.17.7, 1.18.4|https://avd.aquasec.com/nvd/cve-2020-8558
Gloo Portal gloo-portal-admin-envoy image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.1.0 (ubuntu 18.04)
Gloo Portal gloo-portal-admin-server image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-server:1.1.0 (alpine 3.14.2) No Vulnerabilities Found for package-lock.json No Vulnerabilities Found for usr/local/bin/adminserver
Gloo Portal gloo-portal-admin-ui image
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-22945 | curl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-22945 | libcurl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
Latest 1.0.x Gloo Portal Release: v1.0.5
Gloo Portal gloo-portal-controller image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-controller:1.0.5 (alpine 3.14.2) No Vulnerabilities Found for package-lock.json Vulnerability ID|Package|Severity|Installed Version|Fixed Version|Reference —|—|—|—|—|— CVE-2019-12995|istio.io/istio|HIGH|v0.0.0-20210423173126-13fb8ac89420|v1.2.2|https://avd.aquasec.com/nvd/cve-2019-12995 CVE-2019-14993|istio.io/istio|HIGH|v0.0.0-20210423173126-13fb8ac89420|v1.2.4|https://avd.aquasec.com/nvd/cve-2019-14993 CVE-2020-8558|k8s.io/kubernetes|HIGH|v1.18.2|1.16.11, 1.17.7, 1.18.4|https://avd.aquasec.com/nvd/cve-2020-8558
Gloo Portal gloo-portal-admin-envoy image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.0.5 (ubuntu 18.04)
Gloo Portal gloo-portal-admin-server image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-server:1.0.5 (alpine 3.14.2) No Vulnerabilities Found for package-lock.json No Vulnerabilities Found for usr/local/bin/adminserver
Gloo Portal gloo-portal-admin-ui image
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-22945 | curl | CRITICAL | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-22946 | curl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
| CVE-2021-22945 | libcurl | CRITICAL | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-22946 | libcurl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
Release v1.0.4
Gloo Portal gloo-portal-controller image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-controller:1.0.4 (alpine 3.14.2) No Vulnerabilities Found for package-lock.json Vulnerability ID|Package|Severity|Installed Version|Fixed Version|Reference —|—|—|—|—|— CVE-2019-12995|istio.io/istio|HIGH|v0.0.0-20210423173126-13fb8ac89420|v1.2.2|https://avd.aquasec.com/nvd/cve-2019-12995 CVE-2019-14993|istio.io/istio|HIGH|v0.0.0-20210423173126-13fb8ac89420|v1.2.4|https://avd.aquasec.com/nvd/cve-2019-14993 CVE-2020-8558|k8s.io/kubernetes|HIGH|v1.18.2|1.16.11, 1.17.7, 1.18.4|https://avd.aquasec.com/nvd/cve-2020-8558
Gloo Portal gloo-portal-admin-envoy image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.0.4 (ubuntu 18.04)
Gloo Portal gloo-portal-admin-server image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-server:1.0.4 (alpine 3.14.2) No Vulnerabilities Found for package-lock.json No Vulnerabilities Found for usr/local/bin/adminserver
Gloo Portal gloo-portal-admin-ui image
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-22945 | curl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
| CVE-2021-22945 | libcurl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
Release v1.0.3
Gloo Portal gloo-portal-controller image
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
No Vulnerabilities Found for package-lock.json Vulnerability ID|Package|Severity|Installed Version|Fixed Version|Reference —|—|—|—|—|— CVE-2020-26160|github.com/dgrijalva/jwt-go|HIGH|v3.2.0+incompatible||https://avd.aquasec.com/nvd/cve-2020-26160 CVE-2019-12995|istio.io/istio|HIGH|v0.0.0-20210423173126-13fb8ac89420|v1.2.2|https://avd.aquasec.com/nvd/cve-2019-12995 CVE-2019-14993|istio.io/istio|HIGH|v0.0.0-20210423173126-13fb8ac89420|v1.2.4|https://avd.aquasec.com/nvd/cve-2019-14993
Gloo Portal gloo-portal-admin-envoy image
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-1971 | libssl1.0.0 | HIGH | 1.0.2g-1ubuntu4.15 | 1.0.2g-1ubuntu4.18 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2020-1971 | openssl | HIGH | 1.0.2g-1ubuntu4.15 | 1.0.2g-1ubuntu4.18 | https://avd.aquasec.com/nvd/cve-2020-1971 |
Gloo Portal gloo-portal-admin-server image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-server:1.0.3 (alpine 3.13.4) No Vulnerabilities Found for package-lock.json Vulnerability ID|Package|Severity|Installed Version|Fixed Version|Reference —|—|—|—|—|— CVE-2020-26160|github.com/dgrijalva/jwt-go|HIGH|v3.2.0+incompatible||https://avd.aquasec.com/nvd/cve-2020-26160
Gloo Portal gloo-portal-admin-ui image
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22924 | curl | HIGH | 7.74.0-r1 | 7.78.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22924 |
| CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22924 | libcurl | HIGH | 7.74.0-r1 | 7.78.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22924 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
| CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
Release v1.0.2
Gloo Portal gloo-portal-controller image
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
No Vulnerabilities Found for package-lock.json Vulnerability ID|Package|Severity|Installed Version|Fixed Version|Reference —|—|—|—|—|— CVE-2020-26160|github.com/dgrijalva/jwt-go|HIGH|v3.2.0+incompatible||https://avd.aquasec.com/nvd/cve-2020-26160 CVE-2019-12995|istio.io/istio|HIGH|v0.0.0-20210423173126-13fb8ac89420|v1.2.2|https://avd.aquasec.com/nvd/cve-2019-12995 CVE-2019-14993|istio.io/istio|HIGH|v0.0.0-20210423173126-13fb8ac89420|v1.2.4|https://avd.aquasec.com/nvd/cve-2019-14993
Gloo Portal gloo-portal-admin-envoy image
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-1971 | libssl1.0.0 | HIGH | 1.0.2g-1ubuntu4.15 | 1.0.2g-1ubuntu4.18 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2020-1971 | openssl | HIGH | 1.0.2g-1ubuntu4.15 | 1.0.2g-1ubuntu4.18 | https://avd.aquasec.com/nvd/cve-2020-1971 |
Gloo Portal gloo-portal-admin-server image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-server:1.0.2 (alpine 3.13.4) No Vulnerabilities Found for package-lock.json Vulnerability ID|Package|Severity|Installed Version|Fixed Version|Reference —|—|—|—|—|— CVE-2020-26160|github.com/dgrijalva/jwt-go|HIGH|v3.2.0+incompatible||https://avd.aquasec.com/nvd/cve-2020-26160
Gloo Portal gloo-portal-admin-ui image
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
Release v1.0.1
Gloo Portal gloo-portal-controller image
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
No Vulnerabilities Found for package-lock.json Vulnerability ID|Package|Severity|Installed Version|Fixed Version|Reference —|—|—|—|—|— CVE-2019-12995|istio.io/istio|HIGH|v0.0.0-20210423173126-13fb8ac89420|v1.2.2|https://avd.aquasec.com/nvd/cve-2019-12995 CVE-2019-14993|istio.io/istio|HIGH|v0.0.0-20210423173126-13fb8ac89420|v1.2.4|https://avd.aquasec.com/nvd/cve-2019-14993
Gloo Portal gloo-portal-admin-envoy image
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-1971 | libssl1.0.0 | HIGH | 1.0.2g-1ubuntu4.15 | 1.0.2g-1ubuntu4.18 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2020-1971 | openssl | HIGH | 1.0.2g-1ubuntu4.15 | 1.0.2g-1ubuntu4.18 | https://avd.aquasec.com/nvd/cve-2020-1971 |
Gloo Portal gloo-portal-admin-server image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-server:1.0.1 (alpine 3.13.4) No Vulnerabilities Found for package-lock.json No Vulnerabilities Found for usr/local/bin/adminserver
Gloo Portal gloo-portal-admin-ui image
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
Release v1.0.0
Gloo Portal gloo-portal-controller image
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
No Vulnerabilities Found for package-lock.json Vulnerability ID|Package|Severity|Installed Version|Fixed Version|Reference —|—|—|—|—|— CVE-2019-12995|istio.io/istio|HIGH|v0.0.0-20210423173126-13fb8ac89420|v1.2.2|https://avd.aquasec.com/nvd/cve-2019-12995 CVE-2019-14993|istio.io/istio|HIGH|v0.0.0-20210423173126-13fb8ac89420|v1.2.4|https://avd.aquasec.com/nvd/cve-2019-14993
Gloo Portal gloo-portal-admin-envoy image
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2020-1971 | libssl1.0.0 | HIGH | 1.0.2g-1ubuntu4.15 | 1.0.2g-1ubuntu4.18 | https://avd.aquasec.com/nvd/cve-2020-1971 |
| CVE-2020-1971 | openssl | HIGH | 1.0.2g-1ubuntu4.15 | 1.0.2g-1ubuntu4.18 | https://avd.aquasec.com/nvd/cve-2020-1971 |
Gloo Portal gloo-portal-admin-server image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-server:1.0.0 (alpine 3.13.4) No Vulnerabilities Found for package-lock.json No Vulnerabilities Found for usr/local/bin/adminserver
Gloo Portal gloo-portal-admin-ui image
| Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
|---|---|---|---|---|---|
| CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
| CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
| CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
| CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
| CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |