Security Updates

Portal container images are scanned using Trivy for HIGH and CRITICAL vulnerabilities.

Latest 1.2.x Gloo Portal Release: v1.2.6

Gloo Portal gloo-portal-controller image

No scan found

Gloo Portal gloo-portal-admin-envoy image

No scan found

Gloo Portal gloo-portal-admin-server image

No scan found

Gloo Portal gloo-portal-admin-ui image

No scan found

Release v1.2.5

Gloo Portal gloo-portal-controller image

No scan found

Gloo Portal gloo-portal-admin-envoy image

No scan found

Gloo Portal gloo-portal-admin-server image

No scan found

Gloo Portal gloo-portal-admin-ui image

No scan found

Release v1.2.4

Gloo Portal gloo-portal-controller image

No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-controller:1.2.4 (alpine 3.15.4)

Vulnerabilities Listed for usr/app/package-lock.json

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-23807 jsonpointer CRITICAL 4.1.0 5.0.0 https://avd.aquasec.com/nvd/cve-2021-23807

No Vulnerabilities Found for usr/local/bin/gloo-portal-controller

Gloo Portal gloo-portal-admin-envoy image

No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.2.4 (ubuntu 18.04)

Gloo Portal gloo-portal-admin-server image

No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-server:1.2.4 (alpine 3.15.4)

Vulnerabilities Listed for usr/app/package-lock.json

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-23807 jsonpointer CRITICAL 4.1.0 5.0.0 https://avd.aquasec.com/nvd/cve-2021-23807

No Vulnerabilities Found for usr/local/bin/adminserver

Gloo Portal gloo-portal-admin-ui image

No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-ui:1.2.4 (alpine 3.15.4)

Release v1.2.3

Gloo Portal gloo-portal-controller image

No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-controller:1.2.3 (alpine 3.15.4)

Vulnerabilities Listed for usr/app/package-lock.json

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-23807 jsonpointer CRITICAL 4.1.0 5.0.0 https://avd.aquasec.com/nvd/cve-2021-23807

No Vulnerabilities Found for usr/local/bin/gloo-portal-controller

Gloo Portal gloo-portal-admin-envoy image

No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.2.3 (ubuntu 18.04)

Gloo Portal gloo-portal-admin-server image

No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-server:1.2.3 (alpine 3.15.4)

Vulnerabilities Listed for usr/app/package-lock.json

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-23807 jsonpointer CRITICAL 4.1.0 5.0.0 https://avd.aquasec.com/nvd/cve-2021-23807

No Vulnerabilities Found for usr/local/bin/adminserver

Gloo Portal gloo-portal-admin-ui image

No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-ui:1.2.3 (alpine 3.15.4)

Release v1.2.2

Gloo Portal gloo-portal-controller image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.2.2 (alpine 3.15.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for package-lock.json

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-23807 jsonpointer CRITICAL 4.1.0 5.0.0 https://avd.aquasec.com/nvd/cve-2021-23807

Vulnerabilities Listed for usr/local/bin/gloo-portal-controller

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210817164053-32db794688a5 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo Portal gloo-portal-admin-envoy image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.2.2 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778

Gloo Portal gloo-portal-admin-server image

No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-server:1.2.2 (alpine 3.15.1)

Vulnerabilities Listed for package-lock.json

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-23807 jsonpointer CRITICAL 4.1.0 5.0.0 https://avd.aquasec.com/nvd/cve-2021-23807

Vulnerabilities Listed for usr/local/bin/adminserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210817164053-32db794688a5 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo Portal gloo-portal-admin-ui image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.2.2 (alpine 3.13.7)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-23308 libxml2 HIGH 2.9.12-r0 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Release v1.2.1

Gloo Portal gloo-portal-controller image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.2.1 (alpine 3.15.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for package-lock.json

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-23807 jsonpointer CRITICAL 4.1.0 5.0.0 https://avd.aquasec.com/nvd/cve-2021-23807

Vulnerabilities Listed for usr/local/bin/gloo-portal-controller

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210817164053-32db794688a5 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo Portal gloo-portal-admin-envoy image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.2.1 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778

Gloo Portal gloo-portal-admin-server image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.2.1 (alpine 3.15.1)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391

Vulnerabilities Listed for package-lock.json

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-23807 jsonpointer CRITICAL 4.1.0 5.0.0 https://avd.aquasec.com/nvd/cve-2021-23807

Vulnerabilities Listed for usr/local/bin/adminserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210817164053-32db794688a5 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo Portal gloo-portal-admin-ui image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.2.1 (alpine 3.13.7)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-23308 libxml2 HIGH 2.9.12-r0 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Release v1.2.0

Gloo Portal gloo-portal-controller image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.2.0 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r3 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r7 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r7 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r3 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for package-lock.json

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-23807 jsonpointer CRITICAL 4.1.0 5.0.0 https://avd.aquasec.com/nvd/cve-2021-23807

Vulnerabilities Listed for usr/local/bin/gloo-portal-controller

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210817164053-32db794688a5 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo Portal gloo-portal-admin-envoy image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.2.0 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778

Gloo Portal gloo-portal-admin-server image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.2.0 (alpine 3.15.0)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.4-r2 3.3.4-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r8 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.34.1-r4 1.34.1-r5 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for package-lock.json

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-23807 jsonpointer CRITICAL 4.1.0 5.0.0 https://avd.aquasec.com/nvd/cve-2021-23807

Vulnerabilities Listed for usr/local/bin/adminserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210817164053-32db794688a5 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo Portal gloo-portal-admin-ui image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.2.0 (alpine 3.13.7)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-23308 libxml2 HIGH 2.9.12-r0 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Latest 1.1.x Gloo Portal Release: v1.1.3

Gloo Portal gloo-portal-controller image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.1.3 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for package-lock.json

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-23807 jsonpointer CRITICAL 4.1.0 5.0.0 https://avd.aquasec.com/nvd/cve-2021-23807

Vulnerabilities Listed for usr/local/bin/gloo-portal-controller

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2020-8558 k8s.io/kubernetes HIGH v1.18.2 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.18.2 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

Gloo Portal gloo-portal-admin-envoy image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.1.3 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778

Gloo Portal gloo-portal-admin-server image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.1.3 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-28391 ssl_client CRITICAL 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391

Vulnerabilities Listed for package-lock.json

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-23807 jsonpointer CRITICAL 4.1.0 5.0.0 https://avd.aquasec.com/nvd/cve-2021-23807

Vulnerabilities Listed for usr/local/bin/adminserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo Portal gloo-portal-admin-ui image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.1.3 (alpine 3.13.7)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-23308 libxml2 HIGH 2.9.12-r0 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r7 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Release v1.1.2

Gloo Portal gloo-portal-controller image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.1.2 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for package-lock.json

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-23807 jsonpointer CRITICAL 4.1.0 5.0.0 https://avd.aquasec.com/nvd/cve-2021-23807

Vulnerabilities Listed for usr/local/bin/gloo-portal-controller

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2020-8558 k8s.io/kubernetes HIGH v1.18.2 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.18.2 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

Gloo Portal gloo-portal-admin-envoy image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.1.2 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778

Gloo Portal gloo-portal-admin-server image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.1.2 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.33.1-r6 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for package-lock.json

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-23807 jsonpointer CRITICAL 4.1.0 5.0.0 https://avd.aquasec.com/nvd/cve-2021-23807

Vulnerabilities Listed for usr/local/bin/adminserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo Portal gloo-portal-admin-ui image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.1.2 (alpine 3.13.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-22945 curl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22946 curl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-22945 libcurl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22946 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-23308 libxml2 HIGH 2.9.12-r0 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Release v1.1.1

Gloo Portal gloo-portal-controller image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.1.1 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for package-lock.json

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-23807 jsonpointer CRITICAL 4.1.0 5.0.0 https://avd.aquasec.com/nvd/cve-2021-23807

Vulnerabilities Listed for usr/local/bin/gloo-portal-controller

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2020-8558 k8s.io/kubernetes HIGH v1.18.2 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.18.2 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

Gloo Portal gloo-portal-admin-envoy image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.1.1 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778

Gloo Portal gloo-portal-admin-server image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.1.1 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for package-lock.json

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-23807 jsonpointer CRITICAL 4.1.0 5.0.0 https://avd.aquasec.com/nvd/cve-2021-23807

Vulnerabilities Listed for usr/local/bin/adminserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo Portal gloo-portal-admin-ui image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.1.1 (alpine 3.13.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-22945 curl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22946 curl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-22945 libcurl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22946 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-23308 libxml2 HIGH 2.9.12-r0 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Release v1.1.0

Gloo Portal gloo-portal-controller image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.1.0 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for package-lock.json

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-23807 jsonpointer CRITICAL 4.1.0 5.0.0 https://avd.aquasec.com/nvd/cve-2021-23807

Vulnerabilities Listed for usr/local/bin/gloo-portal-controller

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2020-8558 k8s.io/kubernetes HIGH v1.18.2 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.18.2 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

Gloo Portal gloo-portal-admin-envoy image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.1.0 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778

Gloo Portal gloo-portal-admin-server image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.1.0 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for package-lock.json

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-23807 jsonpointer CRITICAL 4.1.0 5.0.0 https://avd.aquasec.com/nvd/cve-2021-23807

Vulnerabilities Listed for usr/local/bin/adminserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo Portal gloo-portal-admin-ui image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.1.0 (alpine 3.13.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-22945 curl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22946 curl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-22945 libcurl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22946 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-23308 libxml2 HIGH 2.9.12-r0 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Latest 1.0.x Gloo Portal Release: v1.0.5

Gloo Portal gloo-portal-controller image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.0.5 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for package-lock.json

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-23807 jsonpointer CRITICAL 4.1.0 5.0.0 https://avd.aquasec.com/nvd/cve-2021-23807

Vulnerabilities Listed for usr/local/bin/gloo-portal-controller

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2020-8558 k8s.io/kubernetes HIGH v1.18.2 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.18.2 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

Gloo Portal gloo-portal-admin-envoy image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.0.5 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778

Gloo Portal gloo-portal-admin-server image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.0.5 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for package-lock.json

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-23807 jsonpointer CRITICAL 4.1.0 5.0.0 https://avd.aquasec.com/nvd/cve-2021-23807

Vulnerabilities Listed for usr/local/bin/adminserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo Portal gloo-portal-admin-ui image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.0.5 (alpine 3.13.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-22945 curl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22946 curl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-22945 libcurl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22946 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-23308 libxml2 HIGH 2.9.12-r0 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Release v1.0.4

Gloo Portal gloo-portal-controller image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.0.4 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for package-lock.json

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3807 ansi-regex HIGH 5.0.0 3.0.1, 4.1.1, 5.0.1, 6.0.1 https://avd.aquasec.com/nvd/cve-2021-3807
CVE-2021-23807 jsonpointer CRITICAL 4.1.0 5.0.0 https://avd.aquasec.com/nvd/cve-2021-23807

Vulnerabilities Listed for usr/local/bin/gloo-portal-controller

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2020-8558 k8s.io/kubernetes HIGH v1.18.2 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.18.2 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

Gloo Portal gloo-portal-admin-envoy image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.0.4 (ubuntu 18.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-0778 libssl1.1 HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 openssl HIGH 1.1.1-1ubuntu2.1~18.04.13 1.1.1-1ubuntu2.1~18.04.15 https://avd.aquasec.com/nvd/cve-2022-0778

Gloo Portal gloo-portal-admin-server image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.0.4 (alpine 3.14.2)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libretls HIGH 3.3.3p1-r2 3.3.3p1-r3 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.33.1-r3 1.33.1-r7 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.33.1-r3 1.33.1-r6 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for package-lock.json

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3807 ansi-regex HIGH 5.0.0 3.0.1, 4.1.1, 5.0.1, 6.0.1 https://avd.aquasec.com/nvd/cve-2021-3807
CVE-2021-23807 jsonpointer CRITICAL 4.1.0 5.0.0 https://avd.aquasec.com/nvd/cve-2021-23807

Vulnerabilities Listed for usr/local/bin/adminserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo Portal gloo-portal-admin-ui image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.0.4 (alpine 3.13.6)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-22945 curl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22946 curl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-22945 libcurl CRITICAL 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22946 libcurl HIGH 7.78.0-r0 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-23308 libxml2 HIGH 2.9.12-r0 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Release v1.0.3

Gloo Portal gloo-portal-controller image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.0.3 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2022-28391 busybox CRITICAL 1.32.1-r5 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2022-0778 libssl1.1 HIGH 1.1.1k-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r5 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for package-lock.json

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3807 ansi-regex HIGH 5.0.0 3.0.1, 4.1.1, 5.0.1, 6.0.1 https://avd.aquasec.com/nvd/cve-2021-3807
CVE-2021-23807 jsonpointer CRITICAL 4.1.0 5.0.0 https://avd.aquasec.com/nvd/cve-2021-23807

Vulnerabilities Listed for usr/local/bin/gloo-portal-controller

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2020-8558 k8s.io/kubernetes HIGH v1.18.2 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.18.2 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

Gloo Portal gloo-portal-admin-envoy image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.0.3 (ubuntu 16.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-1971 libssl1.0.0 HIGH 1.0.2g-1ubuntu4.15 1.0.2g-1ubuntu4.18 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2020-1971 openssl HIGH 1.0.2g-1ubuntu4.15 1.0.2g-1ubuntu4.18 https://avd.aquasec.com/nvd/cve-2020-1971

Gloo Portal gloo-portal-admin-server image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.0.3 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-0778 libssl1.1 HIGH 1.1.1l-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for package-lock.json

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3807 ansi-regex HIGH 5.0.0 3.0.1, 4.1.1, 5.0.1, 6.0.1 https://avd.aquasec.com/nvd/cve-2021-3807
CVE-2021-23807 jsonpointer CRITICAL 4.1.0 5.0.0 https://avd.aquasec.com/nvd/cve-2021-23807

Vulnerabilities Listed for usr/local/bin/adminserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo Portal gloo-portal-admin-ui image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.0.3 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2022-28391 busybox CRITICAL 1.32.1-r5 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-22945 curl CRITICAL 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-22945 libcurl CRITICAL 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2022-0778 libssl1.1 HIGH 1.1.1k-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2022-23308 libxml2 HIGH 2.9.10-r6 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r5 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Release v1.0.2

Gloo Portal gloo-portal-controller image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.0.2 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2022-28391 busybox CRITICAL 1.32.1-r5 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2022-0778 libssl1.1 HIGH 1.1.1k-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r5 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for package-lock.json

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3807 ansi-regex HIGH 5.0.0 3.0.1, 4.1.1, 5.0.1, 6.0.1 https://avd.aquasec.com/nvd/cve-2021-3807
CVE-2021-23807 jsonpointer CRITICAL 4.1.0 5.0.0 https://avd.aquasec.com/nvd/cve-2021-23807

Vulnerabilities Listed for usr/local/bin/gloo-portal-controller

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2020-8558 k8s.io/kubernetes HIGH v1.18.2 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.18.2 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

Gloo Portal gloo-portal-admin-envoy image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.0.2 (ubuntu 16.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-1971 libssl1.0.0 HIGH 1.0.2g-1ubuntu4.15 1.0.2g-1ubuntu4.18 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2020-1971 openssl HIGH 1.0.2g-1ubuntu4.15 1.0.2g-1ubuntu4.18 https://avd.aquasec.com/nvd/cve-2020-1971

Gloo Portal gloo-portal-admin-server image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.0.2 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2022-0778 libssl1.1 HIGH 1.1.1k-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for package-lock.json

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3807 ansi-regex HIGH 5.0.0 3.0.1, 4.1.1, 5.0.1, 6.0.1 https://avd.aquasec.com/nvd/cve-2021-3807
CVE-2021-23807 jsonpointer CRITICAL 4.1.0 5.0.0 https://avd.aquasec.com/nvd/cve-2021-23807

Vulnerabilities Listed for usr/local/bin/adminserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo Portal gloo-portal-admin-ui image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.0.2 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2022-28391 busybox CRITICAL 1.32.1-r5 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-22945 curl CRITICAL 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-22945 libcurl CRITICAL 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2022-0778 libssl1.1 HIGH 1.1.1k-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2022-23308 libxml2 HIGH 2.9.10-r6 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r5 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Release v1.0.1

Gloo Portal gloo-portal-controller image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.0.1 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2022-28391 busybox CRITICAL 1.32.1-r5 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2022-0778 libssl1.1 HIGH 1.1.1k-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r5 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for package-lock.json

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3807 ansi-regex HIGH 5.0.0 3.0.1, 4.1.1, 5.0.1, 6.0.1 https://avd.aquasec.com/nvd/cve-2021-3807
CVE-2021-23807 jsonpointer CRITICAL 4.1.0 5.0.0 https://avd.aquasec.com/nvd/cve-2021-23807

Vulnerabilities Listed for usr/local/bin/gloo-portal-controller

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2020-8558 k8s.io/kubernetes HIGH v1.18.2 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.18.2 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

Gloo Portal gloo-portal-admin-envoy image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.0.1 (ubuntu 16.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-1971 libssl1.0.0 HIGH 1.0.2g-1ubuntu4.15 1.0.2g-1ubuntu4.18 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2020-1971 openssl HIGH 1.0.2g-1ubuntu4.15 1.0.2g-1ubuntu4.18 https://avd.aquasec.com/nvd/cve-2020-1971

Gloo Portal gloo-portal-admin-server image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.0.1 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2022-0778 libssl1.1 HIGH 1.1.1k-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for package-lock.json

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3807 ansi-regex HIGH 5.0.0 3.0.1, 4.1.1, 5.0.1, 6.0.1 https://avd.aquasec.com/nvd/cve-2021-3807
CVE-2021-23807 jsonpointer CRITICAL 4.1.0 5.0.0 https://avd.aquasec.com/nvd/cve-2021-23807

Vulnerabilities Listed for usr/local/bin/adminserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo Portal gloo-portal-admin-ui image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.0.1 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2022-28391 busybox CRITICAL 1.32.1-r5 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-22945 curl CRITICAL 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-22945 libcurl CRITICAL 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2022-0778 libssl1.1 HIGH 1.1.1k-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2022-23308 libxml2 HIGH 2.9.10-r6 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r5 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Release v1.0.0

Gloo Portal gloo-portal-controller image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.0.0 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2022-28391 busybox CRITICAL 1.32.1-r5 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2022-0778 libssl1.1 HIGH 1.1.1k-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r5 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for package-lock.json

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3807 ansi-regex HIGH 5.0.0 3.0.1, 4.1.1, 5.0.1, 6.0.1 https://avd.aquasec.com/nvd/cve-2021-3807
CVE-2021-23807 jsonpointer CRITICAL 4.1.0 5.0.0 https://avd.aquasec.com/nvd/cve-2021-23807

Vulnerabilities Listed for usr/local/bin/gloo-portal-controller

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191
CVE-2019-12995 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.2 https://avd.aquasec.com/nvd/cve-2019-12995
CVE-2019-14993 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 v1.2.4 https://avd.aquasec.com/nvd/cve-2019-14993
CVE-2022-23635 istio.io/istio HIGH v0.0.0-20210423173126-13fb8ac89420 1.13.1, 1.11.7, 1.11.7 https://avd.aquasec.com/nvd/cve-2022-23635
CVE-2020-8558 k8s.io/kubernetes HIGH v1.18.2 1.16.11, 1.17.7, 1.18.4 https://avd.aquasec.com/nvd/cve-2020-8558
CVE-2021-25741 k8s.io/kubernetes HIGH v1.18.2 1.19.15, 1.20.11, 1.21.5, 1.22.2 https://avd.aquasec.com/nvd/cve-2021-25741

Gloo Portal gloo-portal-admin-envoy image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.0.0 (ubuntu 16.04)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-1971 libssl1.0.0 HIGH 1.0.2g-1ubuntu4.15 1.0.2g-1ubuntu4.18 https://avd.aquasec.com/nvd/cve-2020-1971
CVE-2020-1971 openssl HIGH 1.0.2g-1ubuntu4.15 1.0.2g-1ubuntu4.18 https://avd.aquasec.com/nvd/cve-2020-1971

Gloo Portal gloo-portal-admin-server image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.0.0 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.5-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2022-28391 busybox CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2022-0778 libssl1.1 HIGH 1.1.1k-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r6 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r6 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032

Vulnerabilities Listed for package-lock.json

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-3807 ansi-regex HIGH 5.0.0 3.0.1, 4.1.1, 5.0.1, 6.0.1 https://avd.aquasec.com/nvd/cve-2021-3807
CVE-2021-23807 jsonpointer CRITICAL 4.1.0 5.0.0 https://avd.aquasec.com/nvd/cve-2021-23807

Vulnerabilities Listed for usr/local/bin/adminserver

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2020-26160 github.com/dgrijalva/jwt-go HIGH v3.2.0+incompatible https://avd.aquasec.com/nvd/cve-2020-26160
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220315160706-3147a52a75dd https://avd.aquasec.com/nvd/cve-2022-27191

Gloo Portal gloo-portal-admin-ui image

Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.0.0 (alpine 3.13.4)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-36159 apk-tools CRITICAL 2.12.4-r0 2.12.6-r0 https://avd.aquasec.com/nvd/cve-2021-36159
CVE-2021-30139 apk-tools HIGH 2.12.4-r0 2.12.5-r0 https://avd.aquasec.com/nvd/cve-2021-30139
CVE-2022-28391 busybox CRITICAL 1.32.1-r5 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 busybox HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2021-22945 curl CRITICAL 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901 curl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946 curl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-3711 libcrypto1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2022-0778 libcrypto1.1 HIGH 1.1.1k-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-22945 libcurl CRITICAL 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22945
CVE-2021-22901 libcurl HIGH 7.74.0-r1 7.77.0-r0 https://avd.aquasec.com/nvd/cve-2021-22901
CVE-2021-22946 libcurl HIGH 7.74.0-r1 7.79.0-r0 https://avd.aquasec.com/nvd/cve-2021-22946
CVE-2021-33560 libgcrypt HIGH 1.8.7-r0 1.8.8-r0 https://avd.aquasec.com/nvd/cve-2021-33560
CVE-2021-3711 libssl1.1 CRITICAL 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3711
CVE-2021-3712 libssl1.1 HIGH 1.1.1k-r0 1.1.1l-r0 https://avd.aquasec.com/nvd/cve-2021-3712
CVE-2022-0778 libssl1.1 HIGH 1.1.1k-r0 1.1.1n-r0 https://avd.aquasec.com/nvd/cve-2022-0778
CVE-2021-3517 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3517
CVE-2021-3518 libxml2 HIGH 2.9.10-r6 2.9.10-r7 https://avd.aquasec.com/nvd/cve-2021-3518
CVE-2022-23308 libxml2 HIGH 2.9.10-r6 2.9.13-r0 https://avd.aquasec.com/nvd/cve-2022-23308
CVE-2021-30560 libxslt HIGH 1.1.34-r0 1.1.35-r0 https://avd.aquasec.com/nvd/cve-2021-30560
CVE-2022-28391 ssl_client CRITICAL 1.32.1-r5 1.32.1-r8 https://avd.aquasec.com/nvd/cve-2022-28391
CVE-2021-42378 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42378
CVE-2021-42379 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42379
CVE-2021-42380 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42380
CVE-2021-42381 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42381
CVE-2021-42382 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42382
CVE-2021-42383 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42383
CVE-2021-42384 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42384
CVE-2021-42385 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42385
CVE-2021-42386 ssl_client HIGH 1.32.1-r5 1.32.1-r7 https://avd.aquasec.com/nvd/cve-2021-42386
CVE-2022-1271 xz-libs HIGH 5.2.5-r0 5.2.5-r1 https://avd.aquasec.com/nvd/cve-2022-1271
CVE-2018-25032 zlib HIGH 1.2.11-r3 1.2.12-r0 https://avd.aquasec.com/nvd/cve-2018-25032